DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program.
Max CVSS
7.8
EPSS Score
0.06%
Published
2020-01-15
Updated
2020-01-24
Multiple buffer overflows in DeleGate before 8.11.1 may allow attackers to cause a denial of service or execute arbitrary code, possibly due to "overflows on arrays."
Max CVSS
7.5
EPSS Score
0.44%
Published
2005-05-02
Updated
2017-07-11
Buffer overflow in the ssl_prcert function in the SSLway filter (sslway.c) for DeleGate 8.9.2 and earlier allows remote attackers to execute arbitrary code via a certificate with a long (1) subject or (2) issuer name field.
Max CVSS
7.5
EPSS Score
14.28%
Published
2004-05-06
Updated
2017-07-11
Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy.
Max CVSS
7.5
EPSS Score
4.01%
Published
2002-12-31
Updated
2017-07-11
Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands within a "403 Forbidden" error page, which allows remote attackers to execute arbitrary Javascript on other clients via a URL that generates an error.
Max CVSS
7.5
EPSS Score
3.12%
Published
2001-12-28
Updated
2016-10-18
5 vulnerabilities found