|Category:||Denial of Service|
|Title:||TheGreenBow IPSec VPN Client Denial Of Service Vulnerability|
|Summary:||Check for the version of TheGreenBow IPSec VPN Client|
This host has TheGreenBow IPSec VPN Client installed and is prone to Denial
of Service vulnerability.
The flaw is due to a NULL-pointer dereference error in 'tgbvpn.sys' driver
when processing x80000034 IOCTLs.
Attackers can exploit this issue via crafted requests to x80000034 IOCTL
probably involving an input or output buffer size of 0 to cause denial
Impact Level: Application
TheGreenBow IPSec VPN Client version 4.61.003 and prior on Windows.
No solution or patch is available as of 26th August, 2009. Information
regarding this issue will be updated once the solution details are available.
For updates refer to http://www.thegreenbow.com/vpn.html
Common Vulnerability Exposure (CVE) ID: CVE-2009-2918|
Bugtraq: 20090817 TheGreenBow VPN Client tgbvpn.sys DoS and Potential Local (Google Search)
|Copyright||Copyright (C) 2009 SecPod|
|This is only one of 40605 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.