| |||||||||||||
| Test ID: | 1.3.6.1.4.1.25623.1.0.902104 |
| Category: | Buffer overflow |
| Title: | TheGreenBow IPSec VPN Client Local Stack Overflow Vulnerability |
| Summary: | Check for the version of TheGreenBow IPSec VPN Client |
| Description: | Overview: This host has TheGreenBow IPSec VPN Client installed and is prone to Stack Overflow vulnerability. Vulnerability Insight: The flaw is due to a boundary error when processing certain sections of 'tgb' (policy) files. Passing an overly long string to 'OpenScriptAfterUp' will trigger the overflow. Impact: Successful exploitation allows the attacker to execute arbitrary code on the system or compromise a system. Impact Level:System/Application Affected Software/OS: TheGreenBow IPSec VPN Client version 4.65.003 and prior. Fix: Apply patch from below link, http://www.thegreenbow.com/download.php?id=1000150 ***** NOTE: Ignore this warning, if above mentioned patch is manually applied. ***** References: http://secunia.com/advisories/38262 http://xforce.iss.net/xforce/xfdb/55793 http://www.senseofsecurity.com.au/advisories/SOS-10-001 |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-0392 Bugtraq: 20100121 TheGreenBow VPN Client Local Stack Overflow Vulnerability - Security Advisory - SOS-10-001 (Google Search) http://www.securityfocus.com/archive/1/archive/1/509091/100/0/threaded http://www.senseofsecurity.com.au/advisories/SOS-10-001 BugTraq ID: 40387 http://www.securityfocus.com/bid/40387 http://osvdb.org/61866 http://secunia.com/advisories/38262 XForce ISS Database: ipsecvpnclient-tgb-bo(55793) http://xforce.iss.net/xforce/xfdb/55793 |
| Copyright | Copyright (C) 2010 SecPod |
| This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |
|
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois
© 1998-2013 E-Soft Inc. All rights reserved.