ID de Prueba:	1.3.6.1.4.1.25623.1.0.900922
Categoría:	Denial of Service
Título:	TheGreenBow IPSec VPN Client Denial Of Service Vulnerability
Resumen:	TheGreenBow IPSec VPN Client is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: TheGreenBow IPSec VPN Client is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is due to a NULL-pointer dereference error in 'tgbvpn.sys' driver when processing x80000034 IOCTLs. Vulnerability Impact: Attackers can exploit this issue via crafted requests to x80000034 IOCTL probably involving an input or output buffer size of 0 to cause denial of service. Affected Software/OS: TheGreenBow IPSec VPN Client version 4.61.003 and prior on Windows. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2918 Bugtraq: 20090817 TheGreenBow VPN Client tgbvpn.sys DoS and Potential Local (Google Search) http://www.securityfocus.com/archive/1/505816/100/0/threaded https://www.evilfingers.com/advisory/Advisory/TheGreenBow_VPN_Client_tgbvpn.sys_DoS.php http://secunia.com/advisories/36332 http://www.vupen.com/english/advisories/2009/2294
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.