汇总 delegate 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
常见弱点模式包括 缓冲区溢出、拒绝服务与跨站脚本,在 软件部署与生产负载 使用场景中可能带来 应用崩溃 等风险。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2015-7556 | DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program. | [email protected] | 7.8 | 0.24% | 2020-01-15 | 2024-11-21 |
| CVE-2006-2072 | Multiple unspecified vulnerabilities in DeleGate 9.x before 9.0.6 and 8.x before 8.11.6 allow remote attackers to cause a denial of service via crafted DNS responses messages that cause (1) a buffer over-read or (2) infinite recursion, which can trigger a segmentation fault or invalid memory access, as demonstrated by the OUSPG PROTOS DNS test suite. | [email protected] | 5.0 | 2.11% | 2006-04-27 | 2026-04-16 |
| CVE-2005-0036 | The DNS implementation in DeleGate 8.10.2 and earlier allows remote attackers to cause a denial of service via a compressed DNS packet with a label length byte with an incorrect offset, which could trigger an infinite loop. | [email protected] | 5.0 | 0.89% | 2005-12-31 | 2026-04-16 |
| CVE-2005-0861 | Multiple buffer overflows in DeleGate before 8.11.1 may allow attackers to cause a denial of service or execute arbitrary code, possibly due to "overflows on arrays." | [email protected] | 7.5 | 0.90% | 2005-05-02 | 2026-04-16 |
| CVE-2004-0789 | Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet. | [email protected] | 5.0 | 1.96% | 2004-12-31 | 2026-04-16 |
| CVE-2004-2003 | Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field. | [email protected] | 7.5 | 7.40% | 2004-05-06 | 2026-04-16 |
| CVE-2002-1781 | Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy. | [email protected] | 7.5 | 3.85% | 2002-12-31 | 2026-04-16 |
| CVE-2001-1202 | Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error. | [email protected] | 7.5 | 3.36% | 2001-12-28 | 2026-04-16 |
| CVE-1999-1338 | Delegate proxy 5.9.3 and earlier creates files and directories in the DGROOT with world-writable permissions. | [email protected] | 5.0 | 0.45% | 1999-07-21 | 2026-04-16 |