Delegate
by Delegate
CVEs (10)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-2003 | 0.04 | — | 0.07 | May 6, 2004 | Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field. | |||
| CVE-2001-1202 | 0.04 | — | 0.07 | Dec 28, 2001 | Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error. | |||
| CVE-2000-0165 | 0.04 | — | 0.11 | Nov 13, 1999 | The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands. | |||
| CVE-2015-7556 | 0.03 | — | 0.01 | Jan 15, 2020 | DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program. | |||
| CVE-2006-2072 | 0.00 | — | 0.03 | Apr 27, 2006 | Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or… | |||
| CVE-2005-0036 | 0.00 | — | 0.03 | Dec 31, 2005 | The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. | |||
| CVE-2005-0861 | 0.00 | — | 0.02 | May 2, 2005 | Multiple buffer overflows in DeleGate before 8.11.1 may allow attackers to cause a denial of service or execute arbitrary code, possibly due to "overflows on arrays." | |||
| CVE-2004-0789 | 0.00 | — | 0.03 | Dec 31, 2004 | Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU… | |||
| CVE-2002-1781 | 0.00 | — | 0.03 | Dec 31, 2002 | Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy. | |||
| CVE-1999-1338 | 0.00 | — | 0.01 | Jul 21, 1999 | Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions. |
- CVE-2004-2003May 6, 2004risk 0.04cvss —epss 0.07
Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field.
- CVE-2001-1202Dec 28, 2001risk 0.04cvss —epss 0.07
Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error.
- CVE-2000-0165Nov 13, 1999risk 0.04cvss —epss 0.11
The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands.
- CVE-2015-7556Jan 15, 2020risk 0.03cvss —epss 0.01
DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program.
- CVE-2006-2072Apr 27, 2006risk 0.00cvss —epss 0.03
Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or…
- CVE-2005-0036Dec 31, 2005risk 0.00cvss —epss 0.03
The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop.
- CVE-2005-0861May 2, 2005risk 0.00cvss —epss 0.02
Multiple buffer overflows in DeleGate before 8.11.1 may allow attackers to cause a denial of service or execute arbitrary code, possibly due to "overflows on arrays."
- CVE-2004-0789Dec 31, 2004risk 0.00cvss —epss 0.03
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU…
- CVE-2002-1781Dec 31, 2002risk 0.00cvss —epss 0.03
Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy.
- CVE-1999-1338Jul 21, 1999risk 0.00cvss —epss 0.01
Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions.