Vulnerability Details CVE-2005-0311
Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.4%
CVSS Severity
CVSS v2 Score 4.6
References
- http://marc.info/?l=bugtraq&m=110684375429946&w=2
- http://secunia.com/advisories/14060
- http://securitytracker.com/id?1013022
- http://www.ingate.com/relnote-422.php
- http://www.securityfocus.com/bid/12383
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19123
- http://marc.info/?l=bugtraq&m=110684375429946&w=2
- http://secunia.com/advisories/14060
- http://securitytracker.com/id?1013022
- http://www.ingate.com/relnote-422.php
- http://www.securityfocus.com/bid/12383
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19123
Products affected by CVE-2005-0311
-
cpe:2.3:h:ingate:ingate_firewall:3.2
-
cpe:2.3:h:ingate:ingate_firewall:3.2.1
-
cpe:2.3:h:ingate:ingate_firewall:3.3.1
-
cpe:2.3:h:ingate:ingate_firewall:4.1.3