Searching nokia software vulnerabilities

Nokia Firewall Appliances running IPSO 3.3 and

VPN-1/FireWall-1 | Appliances | Firewall | Service | running | Nokia | Pack | IPSO |

Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN-1/FireWall-1 4.1 Service Pack 4, and IPSO 3.4 or IPSO 3.4.1 and VPN-1/FireWall-1 4.1 Service Pack 5, when SYN Defender is configured in Active Gateway mode, does not properly rewrite the third packet of a TCP three-way handshake to use the NAT IP address, which allows remote attackers to gain sensitive information.


ISS RealSecure for Nokia devices before IPSO bu

administrators | installation | "starscream" | connection" | 602001141d | configured | legitimate | RealSecure | connected | attackers | feature | devices | machine | enabled | manager | "skank" | device | during | remote | access | before | become | "first | could | allow | Nokia | build | which | gain | IPSO | time | user | have | ISS | key | any |

ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have connected, which could allow remote attackers to gain access to the device during installation.


SNMP daemon in the DX200 based network element

element | network | support | Serving | daemon | based | Nokia | DX200 | node | SNMP | GPRS |

SNMP daemon in the DX200 based network element for Nokia Serving GPRS support node (SGSN) allows remote attackers to read SNMP options via arbitrary community strings.


Nokia Gateway GPRS support node (GGSN) allows r

support | Gateway | Nokia | node | GPRS |

Nokia Gateway GPRS support node (GGSN) allows remote attackers to cause a denial of service (kernel panic) via a malformed IP packet with a 0xFF TCP option.


Cross-site scripting (XSS) vulnerability in Nok

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script.


Nokia Electronic Documentation (NED) 5.0 allows

Documentation | Electronic | Nokia |

Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root, and the physical path of the NED server, via a "retrieve" action with a location parameter of . (dot).


Nokia Electronic Documentation (NED) 5.0 allows

Documentation | Electronic | Nokia |

Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.


Unknown vulnerability in Nokia IPSO 3.7, config

vulnerability | configured | attackers | Clusters | service | vectors | Unknown | denial | attack | allows | remote | Nokia | cause | IPSO | via |

Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, allows remote attackers to cause a denial of service via unknown attack vectors.


Multiple vulnerabilities in Nokia 6310(i) Mobil

vulnerabilities | Multiple | Nokia |

Multiple vulnerabilities in Nokia 6310(i) Mobile phones allow remote attackers to cause a denial of service (reset) via malformed Bluetooth OBject EXchange (OBEX) messages, probably triggering buffer overflows.


Nokia Symbian 60 allows remote attackers to cau

attackers | Symbian | service | denial | allows | remote | Nokia | cause |

Nokia Symbian 60 allows remote attackers to cause a denial of service (phone restart) via a Bluetooth nickname.


The vCard viewer in Nokia 9500 allows attackers

viewer | Nokia | vCard |

The vCard viewer in Nokia 9500 allows attackers to cause a denial of service (crash) via a vCard with a long Name field, which causes the crash when the user views it.


Buffer overflow in Bluetooth FTP client (BTFTP)

Bluetooth | overflow | client | Buffer | FTP |

Buffer overflow in Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary code via a long filename in an OBEX file share.


Bluetooth FTP client (BTFTP) in Nokia Affix 2.1

Bluetooth | client | FTP |

Bluetooth FTP client (BTFTP) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename argument of a PUT command.


The event_pin_code_request function in the btsr

event_pin_code_request | function | daemon | btsrv |

The event_pin_code_request function in the btsrv daemon (btsrv.c) in Nokia Affix 2.1.2 and 3.2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a Bluetooth device name.


Nokia 7610 and 3210 phones allows attackers to

Nokia |

Nokia 7610 and 3210 phones allows attackers to cause a denial of service via certain characters in the filename of a Bluetooth OBEX transfer.


Nokia N70 cell phone allows remote attackers to

attackers | service | remote | denial | allows | caues | Nokia | phone | cell | N70 |

Nokia N70 cell phone allows remote attackers to caues a denial of service (reboot or shutdown) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet whose length field is less than the actual length of the packet, possibly triggering a buffer overflow, as demonstrated using the Bluetooth Stack Smasher (BSS).


The Nokia N70 phone allows remote attackers to

attackers | service | remote | denial | allows | Nokia | cause | phone | N70 |

The Nokia N70 phone allows remote attackers to cause a denial of service (continual modal dialogs and UI unavailability) by repeatedly trying to OBEX push a file over Bluetooth, as demonstrated by ussp-push.


Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.

Intellisync | Mobile | Suite | Nokia |

Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to obtain user names and other sensitive information via a direct request to (1) usrmgr/userList.asp or (2) usrmgr/userStatusList.asp.


usrmgr/userList.asp in Nokia Intellisync Mobile

usrmgr/userListasp | Intellisync | Mobile | Suite | Nokia |

usrmgr/userList.asp in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allows remote attackers to modify user account details and cause a denial of service (account deactivation) via the userid parameter in an update action.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in Nokia Intellisync Mobile Suite 6.4.31.2, 6.6.0.107, and 6.6.2.2, possibly involving Novell Groupwise Mobile Server and Nokia Intellisync Wireless Email Express, allow remote attackers to inject arbitrary web script or HTML via the (1) username parameter to de/pda/dev_logon.asp and (2) multiple unspecified vectors in (a) usrmgr/registerAccount.asp, (b) de/create_account.asp, and other files.


Software vulnerabilities results 1 to 20 of 21     
Page: 12