VYPR

Vendor CVEs

Network Associates

All CVEs

28 total · sorted by risk
  • CVE-2001-1320Jul 16, 2001
    risk 0.08cvss epss 0.68

    Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite.

  • CVE-2000-1129Jan 9, 2001
    risk 0.03cvss epss 0.02

    McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of service via a malformed recipient field.

  • CVE-2000-0739Oct 20, 2000
    risk 0.03cvss epss 0.03

    Directory traversal vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTPS request to the enrollment server.

  • CVE-2000-0741Oct 20, 2000
    risk 0.03cvss epss 0.05

    Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension.

  • CVE-2000-0740Oct 20, 2000
    risk 0.03cvss epss 0.05

    Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port.

  • CVE-2000-0437May 18, 2000
    risk 0.03cvss epss 0.06

    Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute arbitrary commands.

  • CVE-1999-0683Jul 30, 1999
    risk 0.03cvss epss 0.02

    Denial of service in Gauntlet Firewall via a malformed ICMP packet.

  • CVE-2002-1121Sep 24, 2002
    risk 0.01cvss epss 0.07

    SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046…

  • CVE-2005-2554Aug 12, 2005
    risk 0.00cvss epss 0.00

    The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the "Common Framework\Db" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory.

  • CVE-2002-2224Dec 31, 2002
    risk 0.00cvss epss 0.03

    Buffer overflow in PGPFreeware 7.03 running on Windows NT 4.0 SP6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI)…

  • CVE-2002-1977Dec 31, 2002
    risk 0.00cvss epss 0.00

    Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the "Passphrase Cache" option, which could allow attackers to open encrypted files without providing a passphrase.

  • CVE-2002-0685Jul 23, 2002
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in the message decoding functionality for PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3, allows remote attackers to modify the heap and gain privileges via a large, malformed mail…

  • CVE-2002-0208May 16, 2002
    risk 0.00cvss epss 0.02

    PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire.

  • CVE-2001-1542Dec 31, 2001
    risk 0.00cvss epss 0.03

    NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote attackers to bypass filtering and possibly execute arbitrary code in email clients that process the invalid attachments.

  • CVE-2001-1252Sep 28, 2001
    risk 0.00cvss epss 0.03

    Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the administrative web interface via URLs that directly access cgi-bin instead of keyserver/cgi-bin for the programs (1) console, (2) cs, (3) multi_config and (4) directory.

  • CVE-2001-1456Sep 4, 2001
    risk 0.00cvss epss 0.06

    Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.

  • CVE-2000-1157Jan 9, 2001
    risk 0.00cvss epss 0.03

    Buffer overflow in NAI Sniffer Agent allows remote attackers to execute arbitrary commands via a long SNMP community name.

  • CVE-2000-1130Jan 9, 2001
    risk 0.00cvss epss 0.02

    McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.

  • CVE-2000-1159Jan 9, 2001
    risk 0.00cvss epss 0.02

    NAI Sniffer Agent allows remote attackers to gain privileges on the agent by sniffing the initial UDP authentication packets and spoofing commands.

  • CVE-2000-1160Jan 9, 2001
    risk 0.00cvss epss 0.01

    NAI Sniffer Agent allows remote attackers to cause a denial of service (crash) by sending a large number of login requests.

  • CVE-2000-1158Jan 9, 2001
    risk 0.00cvss epss 0.01

    NAI Sniffer Agent uses base64 encoding for authentication, which allows attackers to sniff the network and easily decrypt usernames and passwords.

  • CVE-2000-0738Oct 20, 2000
    risk 0.00cvss epss 0.02

    WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a From: address that has a . (period) at the end, which causes WebShield to continuously send itself copies of the e-mail.

  • CVE-2000-0650Jul 11, 2000
    risk 0.00cvss epss 0.00

    The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse.

  • CVE-2000-0528Jun 19, 2000
    risk 0.00cvss epss 0.02

    Net Tools PKI Server does not properly restrict access to remote attackers when the XUDA template files do not contain absolute pathnames for other files.

  • CVE-2000-0529Jun 19, 2000
    risk 0.00cvss epss 0.02

    Net Tools PKI Server allows remote attackers to cause a denial of service via a long HTTP request.

  • CVE-2000-0448May 1, 2000
    risk 0.00cvss epss 0.02

    The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command.

  • CVE-2000-0447May 1, 2000
    risk 0.00cvss epss 0.04

    Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service.

  • CVE-1999-1195May 5, 1999
    risk 0.00cvss epss 0.02

    NAI VirusScan NT 4.0.2 does not properly modify the scan.dat virus definition file during an update via FTP, but it reports that the update was successful, which could cause a system administrator to believe that the definitions have been updated correctly.