| |||||||||||||
| Test ID: | 1.3.6.1.4.1.25623.1.0.900922 |
| Category: | Denial of Service |
| Title: | TheGreenBow IPSec VPN Client Denial Of Service Vulnerability |
| Summary: | Check for the version of TheGreenBow IPSec VPN Client |
| Description: | Overview: This host has TheGreenBow IPSec VPN Client installed and is prone to Denial of Service vulnerability. Vulnerability Insight: The flaw is due to a NULL-pointer dereference error in 'tgbvpn.sys' driver when processing x80000034 IOCTLs. Impact: Attackers can exploit this issue via crafted requests to x80000034 IOCTL probably involving an input or output buffer size of 0 to cause denial of service. Impact Level: Application Affected Software/OS: TheGreenBow IPSec VPN Client version 4.61.003 and prior on Windows. Fix: No solution or patch is available as of 26th August, 2009. Information regarding this issue will be updated once the solution details are available. For updates refer to http://www.thegreenbow.com/vpn.html References: http://secunia.com/advisories/36332/ http://www.vupen.com/english/advisories/2009/2294 http://www.securityfocus.com/archive/1/archive/1/505816/100/0/threaded |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-2918 Bugtraq: 20090817 TheGreenBow VPN Client tgbvpn.sys DoS and Potential Local (Google Search) http://www.securityfocus.com/archive/1/archive/1/505816/100/0/threaded https://www.evilfingers.com/advisory/Advisory/TheGreenBow_VPN_Client_tgbvpn.sys_DoS.php http://secunia.com/advisories/36332 http://www.vupen.com/english/advisories/2009/2294 |
| Copyright | Copyright (C) 2009 SecPod |
| This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |
|
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois
© 1998-2013 E-Soft Inc. All rights reserved.