彙總 ingate 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 輸入驗證問題、路徑處理缺陷與緩衝區溢位,在 生產負載與軟體部署 使用場景中可能帶來 應用程式崩潰、記憶體損壞與檔案覆寫 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2008-0263 | The SIP module in Ingate Firewall before 4.6.1 and SIParator before 4.6.1 does not reuse SIP media ports in unspecified call hold and send-only stream scenarios, which allows remote attackers to cause a denial of service (port exhaustion) via unspecified vectors. | [email protected] | 5.0 | 1.71% | 2008-01-15 | 2026-06-16 |
| CVE-2007-6099 | Unspecified vulnerability in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 might leave "media pinholes" open upon a restart of the SIP module, which might make it easier for remote attackers to conduct unauthorized activities. | [email protected] | 10.0 | 1.90% | 2007-11-21 | 2026-06-16 |
| CVE-2007-6098 | Ingate Firewall before 4.6.0 and SIParator before 4.6.0 do not log truncated (1) ICMP, (2) UDP, and (3) TCP packets, which has unknown impact and remote attack vectors; and do not log (4) serial-console login attempts with nonexistent usernames, which might make it easier for attackers with physical access to guess valid login credentials while avoiding detection. | [email protected] | 7.5 | 0.99% | 2007-11-21 | 2026-06-16 |
| CVE-2007-6097 | Unspecified vulnerability in the ICMP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and remote attack vectors, related to ICMP packets that are "incorrectly accepted." | [email protected] | 10.0 | 1.24% | 2007-11-21 | 2026-06-16 |
| CVE-2007-6096 | Ingate Firewall before 4.6.0 and SIParator before 4.6.0 use cleartext storage for passwords of "administrators with less privileges," which might allow attackers to read these passwords via unknown vectors. | [email protected] | 5.0 | 1.04% | 2007-11-21 | 2026-06-16 |
| CVE-2007-6095 | The SIP component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0, when Remote NAT Traversal is employed, does not properly perform user registration and message distribution, which might allow remote authenticated users to receive messages intended for other users. | [email protected] | 4.0 | 0.97% | 2007-11-21 | 2026-06-16 |
| CVE-2007-6094 | The IPsec module in the VPN component in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (module crash) via an IPsec Phase 2 proposal that lacks Perfect Forward Secrecy (PFS). | [email protected] | 4.3 | 1.19% | 2007-11-21 | 2026-06-16 |
| CVE-2007-6093 | The SRTP implementation in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 allows remote attackers to cause a denial of service (kernel crash) via an RTCP index that is "much more than expected." | [email protected] | 7.1 | 1.38% | 2007-11-21 | 2026-06-16 |
| CVE-2007-6092 | Buffer overflow in libsrtp in Ingate Firewall before 4.6.0 and SIParator before 4.6.0 has unknown impact and attack vectors. NOTE: it is not clear whether this issue crosses privilege boundaries. | [email protected] | 10.0 | 1.68% | 2007-11-21 | 2026-06-16 |
| CVE-2007-3177 | Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter. | [email protected] | 5.0 | 1.40% | 2007-06-11 | 2026-06-16 |
| CVE-2007-3176 | Unspecified vulnerability in Ingate Firewall and SIParator before 4.5.2 allows remote authenticated users without full privileges to download a Support Report. | [email protected] | 4.0 | 1.00% | 2007-06-11 | 2026-06-16 |
| CVE-2007-0334 | Unspecified vulnerability in the SIP module in InGate Firewall and SIParator before 4.5.1 allows remote attackers to conduct replay attacks on the authentication mechanism via unknown vectors. | [email protected] | 7.5 | 1.66% | 2007-01-17 | 2026-06-16 |
| CVE-2006-2925 | Cross-site scripting (XSS) vulnerability in the web interface in Ingate Firewall before 4.4.1 and SIParator before 4.4.1 allows remote attackers to inject arbitrary web script or HTML, and steal cookies, via unspecified vectors related to "XSS exploits" in administrator functionality. | [email protected] | 4.0 | 1.27% | 2006-06-09 | 2026-06-16 |
| CVE-2006-2924 | Ingate Firewall in the SIP module before 4.4.1 and SIParator before 4.4.1, when TLS is enabled or when SSL/TLS is enabled in the web server, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake. | [email protected] | 5.0 | 1.78% | 2006-06-09 | 2026-06-16 |
| CVE-2005-0311 | Ingate Firewall 4.1.3 and earlier does not terminate the PPTP session for an active user when the administrator disables that user from a resource, which could allow remote authenticated users to retain unauthorized access to resources. | [email protected] | 4.6 | 0.75% | 2005-05-02 | 2026-06-16 |
| CVE-2003-1112 | The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before 3.1.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | [email protected] | 7.5 | 4.68% | 2003-12-31 | 2026-06-16 |