Nufw: Security Vulnerabilities
Heap-based buffer overflow in the samp_send function in nuauth/sasl.c in NuFW before 2.2.7 allows remote attackers to cause a denial of service via unspecified input on which base64 encoding is performed. NOTE: some of these details are obtained from third party information.
CVSS Score
5.0
EPSS Score
0.008
Published
2007-10-30
NuFW 2.2.3, and certain other versions after 2.0, allows remote attackers to bypass time-based packet filtering rules via certain "out of period" choices of packet transmission time.
CVSS Score
4.3
EPSS Score
0.003
Published
2007-08-21
nuauth in NuFW before 1.0.21 does not properly handle blocking TLS sockets, which allows remote authenticated users to cause a denial of service (service hang) by flooding packets at the authentication server.
CVSS Score
1.7
EPSS Score
0.002
Published
2006-03-02
nuauth in NuFW 1.0.x before 1.0.16 and 1.1 allows authenticated users to cause a denial of service via malformed packets.
CVSS Score
6.8
EPSS Score
0.006
Published
2005-12-01