20 vulnerabilities by safenet
VAR-201112-0313
Vulnerability from variot - Updated: 2023-12-18 12:31
Cross-site scripting (XSS) vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP (formerly Aladdin HASP SRM) run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies (7T) IGSS 7 and other products, when Firefox 2.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger write access to a configuration file.
SafeNet provides software protection and certificate management products. The affected product, Sentinel HASP (previously Aladdin HASP SRM), is a digital certificate management program. 7T IGSS uses the SafeNet Sentinel HASP SDK for managing digital certificates. Special characters allow an attacker to build and inject HTML into a configuration file. Successful exploitation of the vulnerability allows an attacker to change the code in the configuration file. This vulnerability can be reproduced using Mozilla Firefox 2.0; it is not triggered by current versions of Mozilla Firefox, Microsoft Internet Explorer, Opera, or Google Chrome.
SafeNet Sentinel HASP and 7T IGSS are prone to an HTML-injection vulnerability because they fail to properly sanitize user-supplied input. Attacker-supplied HTML and script code could be executed in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user; other attacks are also possible.
TITLE: SafeNet Sentinel HASP Admin Control Center Script Insertion Weakness
SECUNIA ADVISORY ID: SA47349
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47349/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47349
RELEASE DATE: 2011-12-22
DESCRIPTION: A weakness has been reported in SafeNet Sentinel HASP Run-time Environment, which can be exploited by malicious users to conduct script insertion attacks.
Successful exploitation requires a victim to view injected data using Mozilla Firefox version 2.0.
The weakness is reported in version 5.95 and prior.
SOLUTION: Apply patch (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Carlos Mario Penagos Hollman, Synapse-labs.
ORIGINAL ADVISORY: SafeNet: http://www.safenet-inc.com/support-downloads/sentinel-drivers/CVE-2011-3339/
ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-11-314-01.pdf
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201112-0313",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "sentinel hasp sdk",
"scope": "lte",
"trust": 1.8,
"vendor": "safenet",
"version": "5.10"
},
{
"model": "interactive graphical scada system",
"scope": "eq",
"trust": 1.7,
"vendor": "7",
"version": "7"
},
{
"model": "igss",
"scope": "eq",
"trust": 1.6,
"vendor": "7t",
"version": "7"
},
{
"model": "sentinel hasp run-time",
"scope": "lte",
"trust": 1.0,
"vendor": "safenet",
"version": "5.95"
},
{
"model": "sentinel hasp sdk",
"scope": "eq",
"trust": 0.9,
"vendor": "safenet",
"version": "5.10"
},
{
"model": "sentinel hasp run-time",
"scope": "eq",
"trust": 0.9,
"vendor": "safenet",
"version": "5.95"
},
{
"model": "firefox",
"scope": "eq",
"trust": 0.8,
"vendor": "mozilla",
"version": "2.0"
},
{
"model": "sentinel hasp run-time environment",
"scope": "lte",
"trust": 0.8,
"vendor": "safenet",
"version": "5.95"
},
{
"model": "sentinel hasp sdk",
"scope": "ne",
"trust": 0.3,
"vendor": "safenet",
"version": "5.11"
},
{
"model": "sentinel hasp run-time",
"scope": "ne",
"trust": 0.3,
"vendor": "safenet",
"version": "6.21"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "igss",
"version": "7"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sentinel hasp run time",
"version": "*"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "sentinel hasp sdk",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "4cec4fcc-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5249"
},
{
"db": "BID",
"id": "51028"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003467"
},
{
"db": "NVD",
"id": "CVE-2011-3339"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-171"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:safenet-inc:sentinel_hasp_run-time:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.95",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:safenet-inc:sentinel_hasp_sdk:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "5.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:7t:igss:7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mozilla:firefox:2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3339"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "ICS-CERT",
"sources": [
{
"db": "BID",
"id": "51028"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-171"
}
],
"trust": 0.9
},
"cve": "CVE-2011-3339",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2011-3339",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.6,
"id": "4cec4fcc-2354-11e6-abef-000c29c66e3d",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2011-3339",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201112-171",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "IVD",
"id": "4cec4fcc-2354-11e6-abef-000c29c66e3d",
"trust": 0.2,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "4cec4fcc-2354-11e6-abef-000c29c66e3d"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003467"
},
{
"db": "NVD",
"id": "CVE-2011-3339"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-171"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP (formerly Aladdin HASP SRM) run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies (7T) IGSS 7 and other products, when Firefox 2.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger write access to a configuration file. Safenet provides software protection and certificate management products, affected products Sentinel HASP, previously Aladdin HASP SRM is a digital certificate management program. 7T IGSS uses the SafeNet Sentinel HASP SDK for managing digital certificates. Special characters allow an attacker to build and inject HTML into a configuration file. Successful exploitation of the vulnerability allows an attacker to change the code in the configuration file. This vulnerability can be reproduced using Mozilla FIrefox 2.0, which is currently not triggered by current Mozilla Firefox, Microsoft Internet Explorer, Opera, and Google Chrome. SafeNet Sentinel HASP and 7T IGSS are prone to an HTML-injection vulnerability because they fail to properly sanitize user-supplied input. \nAttacker-supplied HTML and script code could be executed in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials or control how the site is rendered to the user; other attacks are also possible. 
----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nSafeNet Sentinel HASP Admin Control Center Script Insertion Weakness\n\nSECUNIA ADVISORY ID:\nSA47349\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47349/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47349\n\nRELEASE DATE:\n2011-12-22\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47349/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47349/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47349\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA weakness has been reported in SafeNet Sentinel HASP Run-time\nEnvironment, which can be exploited by malicious users to conduct\nscript insertion attacks. \n\nSuccessful exploitation requires a victim to view injected data using\nMozilla Firefox version 2.0. \n\nThe weakness is reported in version 5.95 and prior. \n\nSOLUTION:\nApply patch (please see the vendor\u0027s advisory for details). \n\nPROVIDED AND/OR DISCOVERED BY:\nICS-CERT credits Carlos Mario Penagos Hollman, Synapse-labs. 
\n\nORIGINAL ADVISORY:\nSafeNet:\nhttp://www.safenet-inc.com/support-downloads/sentinel-drivers/CVE-2011-3339/\n\nICS-CERT:\nhttp://www.us-cert.gov/control_systems/pdf/ICSA-11-314-01.pdf\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2011-3339"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003467"
},
{
"db": "CNVD",
"id": "CNVD-2011-5249"
},
{
"db": "BID",
"id": "51028"
},
{
"db": "IVD",
"id": "4cec4fcc-2354-11e6-abef-000c29c66e3d"
},
{
"db": "PACKETSTORM",
"id": "108116"
}
],
"trust": 2.7
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2011-3339",
"trust": 3.6
},
{
"db": "ICS CERT",
"id": "ICSA-11-314-01",
"trust": 2.8
},
{
"db": "BID",
"id": "51028",
"trust": 1.9
},
{
"db": "CNVD",
"id": "CNVD-2011-5249",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201112-171",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003467",
"trust": 0.8
},
{
"db": "XF",
"id": "71789",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "47349",
"trust": 0.3
},
{
"db": "IVD",
"id": "4CEC4FCC-2354-11E6-ABEF-000C29C66E3D",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "108116",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "4cec4fcc-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5249"
},
{
"db": "BID",
"id": "51028"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003467"
},
{
"db": "PACKETSTORM",
"id": "108116"
},
{
"db": "NVD",
"id": "CVE-2011-3339"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-171"
}
]
},
"id": "VAR-201112-0313",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "4cec4fcc-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5249"
}
],
"trust": 1.2337797666666668
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.8
}
],
"sources": [
{
"db": "IVD",
"id": "4cec4fcc-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5249"
}
]
},
"last_update_date": "2023-12-18T12:31:19.209000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.igss.com/"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.mozilla.org/"
},
{
"title": "CVE-2011-3339",
"trust": 0.8,
"url": "http://www.safenet-inc.com/support-downloads/sentinel-drivers/cve-2011-3339/"
},
{
"title": "SafeNet Sentinel HASP and 7T IGSS have patches for unspecified HTML injection vulnerabilities",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/6261"
},
{
"title": "Sentinel_LDK_Run-time_setup",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=42168"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-5249"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003467"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-171"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003467"
},
{
"db": "NVD",
"id": "CVE-2011-3339"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.us-cert.gov/control_systems/pdf/icsa-11-314-01.pdf"
},
{
"trust": 2.0,
"url": "http://www.safenet-inc.com/support-downloads/sentinel-drivers/cve-2011-3339/"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/51028"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71789"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3339"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3339"
},
{
"trust": 0.6,
"url": "http://www.safenet-inc.com/support-downloads/sentinel-drivers/cve-2011-3339/http"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/71789"
},
{
"trust": 0.3,
"url": "http://www.7t.dk/"
},
{
"trust": 0.3,
"url": "http://www3.safenet-inc.com/support/hasp.aspx"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47349/"
},
{
"trust": 0.1,
"url": "http://secunia.com/company/jobs/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_intelligence/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/vulnerability_scanning/personal/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/47349/#comments"
},
{
"trust": 0.1,
"url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47349"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2011-5249"
},
{
"db": "BID",
"id": "51028"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003467"
},
{
"db": "PACKETSTORM",
"id": "108116"
},
{
"db": "NVD",
"id": "CVE-2011-3339"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-171"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "4cec4fcc-2354-11e6-abef-000c29c66e3d"
},
{
"db": "CNVD",
"id": "CNVD-2011-5249"
},
{
"db": "BID",
"id": "51028"
},
{
"db": "JVNDB",
"id": "JVNDB-2011-003467"
},
{
"db": "PACKETSTORM",
"id": "108116"
},
{
"db": "NVD",
"id": "CVE-2011-3339"
},
{
"db": "CNNVD",
"id": "CNNVD-201112-171"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-12-14T00:00:00",
"db": "IVD",
"id": "4cec4fcc-2354-11e6-abef-000c29c66e3d"
},
{
"date": "2011-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5249"
},
{
"date": "2011-12-12T00:00:00",
"db": "BID",
"id": "51028"
},
{
"date": "2011-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003467"
},
{
"date": "2011-12-22T08:52:38",
"db": "PACKETSTORM",
"id": "108116"
},
{
"date": "2011-12-17T03:54:45.743000",
"db": "NVD",
"id": "CVE-2011-3339"
},
{
"date": "1900-01-01T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-171"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2011-12-14T00:00:00",
"db": "CNVD",
"id": "CNVD-2011-5249"
},
{
"date": "2011-12-12T00:00:00",
"db": "BID",
"id": "51028"
},
{
"date": "2011-12-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2011-003467"
},
{
"date": "2017-08-29T01:30:10.287000",
"db": "NVD",
"id": "CVE-2011-3339"
},
{
"date": "2011-12-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201112-171"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201112-171"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural SafeNet Product cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2011-003467"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201112-171"
}
],
"trust": 0.6
}
}
VAR-200912-0424
Vulnerability from variot - Updated: 2023-12-18 12:11
Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design. An attacker could use these devices to bypass authentication or conduct other web-based attacks.
Multiple SSL VPN (Web VPN) products have a problem that allows the security mechanism of the web browser to be bypassed. An SSL VPN (Web VPN) is a product that provides a safe method of accessing network resources within an organization (web server, mail server, etc.) using a web browser. The SSL VPN (Web VPN) product rewrites content as necessary, acting as a proxy between the web browser and the server. By accessing crafted web pages through an SSL VPN (Web VPN), the web browser's security mechanism (Same Origin Policy) may be bypassed. Products that implement SSL VPN (Web VPN) may be affected by this vulnerability. When a user views a specially crafted page, a remote third party may hijack the VPN session, or the content accessed through the SSL VPN (Web VPN) may be viewed or altered.
Attackers may exploit this issue to violate the same-origin policy to obtain VPN session tokens, read or modify cookie-based authentication credentials, or perform unauthorized actions with the privileges of the web-based VPN domain. Other attacks may also be possible. Clientless SSL VPN products from Cisco, Juniper Networks, and SonicWall are vulnerable. Other vendors' products may also be affected. We will update this BID as more information emerges. 2. Web VPN authenticates the user and assigns an ID to the session, which is sent to the user's browser in the form of a cookie. 3. For example, http:///mail.html link becomes https:///www.intranet.example.com/mail.html. The cookie set by the requested web server will be converted into a completely unique cookie before being sent to the user's browser to prevent two cookies with the same name from conflicting. For example, a session ID cookie set by intranet.example.com is renamed intranet.example.com_sessionid before being sent to the user's browser. Additionally, Web VPN replaces references to specific HTML DOM objects like document.cookie. These DOM objects are replaced by scripts that return the value of the DOM object, so that they can be accessed within the security context of the requested site domain.
SOLUTION: Disable content rewriting for untrusted web servers.
The vulnerability is reported in CallPilot 201i, 202i, 600r, 703t, 1002rp, and 1005r.
SOLUTION: The vendor recommends avoiding browsing other web sites while logged in to CallPilot Manager or My CallPilot.
TITLE: Citrix Access Gateway Web VPN Same Origin Policy Bypass
SECUNIA ADVISORY ID: SA37696
VERIFY ADVISORY: http://secunia.com/advisories/37696/
DESCRIPTION: A vulnerability has been reported in Citrix Access Gateway, which can be exploited by malicious people to bypass certain security restrictions.
The vulnerability is caused due to the web-based VPN implementation prepending the same domain to all opened websites. This can be exploited to bypass a browser's same origin policy and e.g. access cookies for normally restricted domains by tricking a user into browsing to a malicious website via the VPN.
The vulnerability is reported in Citrix Access Gateway Enterprise Edition versions 8.1 and later, and all supported Citrix Access Gateway Advanced Edition versions.
SOLUTION: Do not allow access to untrusted domains via the VPN. Please see the vendor's advisory for more information.
PROVIDED AND/OR DISCOVERED BY: US-CERT credits Michal Zalewski and Mike Zusman for the original report.
Additional vulnerability details provided by David Warren and Ryan Giobbi of US-CERT.
ORIGINAL ADVISORY: Citrix: http://support.citrix.com/article/CTX123610
US-CERT VU#261869: http://www.kb.cert.org/vuls/id/261869
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200912-0424",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "*"
},
{
"model": "stonegate",
"scope": "eq",
"trust": 1.0,
"vendor": "stonesoft",
"version": "*"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": "*"
},
{
"model": "safenet securewire access gateway",
"scope": "eq",
"trust": 1.0,
"vendor": "aladdin",
"version": "*"
},
{
"model": "e-class ssl vpn",
"scope": "eq",
"trust": 1.0,
"vendor": "sonicwall",
"version": "*"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "citrix",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "juniper",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "microsoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openvpn",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "safenet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonicwall",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "aep",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "vendors ssl vpn product"
},
{
"model": "adaptive security appliance",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "java system portal server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7"
},
{
"model": "networks callpilot 600r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "2002.1"
},
{
"model": "secure access",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "25000"
},
{
"model": "clientless ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"model": "secure access",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "600050000"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2"
},
{
"model": "networks callpilot 202i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "java system portal server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "6.3.1"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1.2.25"
},
{
"model": "access gateway enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.0"
},
{
"model": "stonegate ssl vpn engine",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.4"
},
{
"model": "netscaler access gateway enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.0"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0(4)"
},
{
"model": "access gateway advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5.5"
},
{
"model": "secure access sp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "60006000"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1.2.61"
},
{
"model": "java system portal server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.2"
},
{
"model": "networks callpilot 1002rp",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1(2)19"
},
{
"model": "sa700 ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "0"
},
{
"model": "ssl-r",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "4.0.18"
},
{
"model": "ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "20003.55"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "1.33"
},
{
"model": "secure access",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "65000"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.2.1"
},
{
"model": "secure access",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "7000"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.211"
},
{
"model": "ssl-rx",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "4.0.18"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.1(2)14"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "netscaler access gateway enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "8.1"
},
{
"model": "ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "2003.08"
},
{
"model": "ssl vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "2.5"
},
{
"model": "ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "20003.54"
},
{
"model": "ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "40003.54"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.0.4.34"
},
{
"model": "stonegate ssl vpn engine",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.1"
},
{
"model": "access gateway advanced edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5"
},
{
"model": "access gateway enterprise edition",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "9.1"
},
{
"model": "networks callpilot 1005r",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "secure access",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "20000"
},
{
"model": "access gateway advanced edition hf2",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "4.5"
},
{
"model": "ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "2003.09"
},
{
"model": "java system portal server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.1"
},
{
"model": "networks callpilot 703t",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "java system portal server",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "7.0"
},
{
"model": "networks callpilot 201i",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"model": "ssl-r3",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "4.0.18"
},
{
"model": "ssl-vpn",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "40003.55"
},
{
"model": "secure access",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "45000"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.2.2.34"
},
{
"model": "stonegate ssl vpn engine",
"scope": "eq",
"trust": 0.3,
"vendor": "stonesoft",
"version": "1.3.1"
},
{
"model": "secure access",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "400030000"
},
{
"model": "ssl-r6",
"scope": "eq",
"trust": 0.3,
"vendor": "sonicwall",
"version": "4.0.18"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "8.2.13"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#261869"
},
{
"db": "BID",
"id": "37152"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002426"
},
{
"db": "NVD",
"id": "CVE-2009-2631"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-055"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:sonicwall:e-class_ssl_vpn:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:sonicwall:ssl_vpn:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:stonesoft:stonegate:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:aladdin:safenet_securewire_access_gateway:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-2631"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Michal Zalewski\u203b lcamtuf@echelon.pl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-055"
}
],
"trust": 0.6
},
"cve": "CVE-2009-2631",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CARNEGIE MELLON",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT DEFINED",
"baseScore": 6.8,
"collateralDamagePotential": "NOT DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT DEFINED",
"enviromentalScore": 4.6,
"exploitability": "PROOF-OF-CONCEPT",
"exploitabilityScore": 8.6,
"id": "VU#261869",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT DEFINED",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"remediationLevel": "NOT DEFINED",
"reportConfidence": "CONFIRMED",
"severity": "MEDIUM",
"targetDistribution": "MEDIUM",
"trust": 0.8,
"userInterationRequired": null,
"vector_string": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2009-2631",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-40077",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-2631",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#261869",
"trust": 0.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200912-055",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-40077",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#261869"
},
{
"db": "VULHUB",
"id": "VHN-40077"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002426"
},
{
"db": "NVD",
"id": "CVE-2009-2631"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-055"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN\u0027s domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design. An attacker could use these devices to bypass authentication or conduct other web-based attacks. plural SSL VPN (Web VPN) There is a problem with the product that can bypass the security mechanism of the web browser. SL VPN (Web VPN) Network resources within an organization using a web browser ( Web server, mail server, etc. ) It is a product to provide a safe access method. SSL VPN (Web VPN) The product rewrites content as necessary as a proxy between the web browser and the server. SSL VPN (Web VPN) Web browser security mechanisms by accessing crafted web pages through (Same Origin Policy) May be bypassed. SSL VPN (Web VPN) Products that implement may be affected by this vulnerability.When a user views a specially crafted page, a remote third party VPN Or hijacking your session SSL VPN (Web VPN) There is a possibility that the content accessed through the site may be viewed or altered. 
\nAttackers may exploit this issue to violate the same-origin policy to obtain VPN session tokens, read or modify cookie-based authentication credentials, or perform unauthorized actions with the privileges of the web-based VPN domain. Other attacks may also be possible. \nClientless SSL VPN products from Cisco, Juniper Networks, and SonicWall are vulnerable. Other vendors\u0027 products may also be affected. We will update this BID as more information emerges. 2. Web VPN authenticates the user and assigns an ID to the session, which is sent to the user\u0027s browser in the form of a cookie. 3. For example, http://\u003cwww.intranet.example.com\u003e/mail.html link becomes https://\u003cwebvpnserver\u003e/www.intranet.example.com/mail.html. The cookie set by the requested web server will be converted into a completely unique cookie before being sent to the user\u0027s browser to prevent two cookies with the same name from conflicting. For example, a session ID cookie set by intranet.example.com is renamed intranet.example.com_sessionid before being sent to the user\u0027s browser. Additionally, Web VPN replaces references to specific HTML DOM objects like document.cookie. These DOM objects are replaced by scripts that return the value of the DOM object, so that they can be accessed within the security context of the requested site domain. \n\nSOLUTION:\nDisable content rewriting for untrusted web servers. \n\nThe vulnerability is reported in CallPilot 201i, 202i, 600r, 703t,\n1002rp, and 1005r. \n\nSOLUTION:\nThe vendor recommends to avoid browsing other web sites while logged\nin to CallPilot Manager or My CallPilot. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. 
\n\nFor more information visit:\nhttp://secunia.com/advisories/business_solutions/\n\nAlternatively request a call from a Secunia representative today to\ndiscuss how we can help you with our capabilities contact us at:\nsales@secunia.com\n\n----------------------------------------------------------------------\n\nTITLE:\nCitrix Access Gateway Web VPN Same Origin Policy Bypass\n\nSECUNIA ADVISORY ID:\nSA37696\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/37696/\n\nDESCRIPTION:\nA vulnerability has been reported in Citrix Access Gateway, which can\nbe exploited by malicious people to bypass certain security\nrestrictions. \n\nThe vulnerability is caused due to the web-based VPN implementation\nprepending the same domain to all opened websites. This can be\nexploited to bypass a browser\u0027s same origin policy and e.g. access\ncookies for normally restricted domains by tricking a user into\nbrowsing to a malicious website via the VPN. \n\nThe vulnerability is reported in Citrix Access Gateway Enterprise\nEdition versions 8.1 and later, and all supported Citrix Access\nGateway Advanced Edition versions. \n\nSOLUTION:\nDo not allow access to untrusted domains via the VPN. Please see the\nvendor\u0027s advisory for more information. \n\nPROVIDED AND/OR DISCOVERED BY:\nUS-CERT credits Michal Zalewski and Mike Zusman for the original\nreport. \n\nAdditional vulnerability details provided by David Warren and Ryan\nGiobbi of US-CERT. \n\nORIGINAL ADVISORY:\nCitrix:\nhttp://support.citrix.com/article/CTX123610\n\nUS-CERT VU#261869:\nhttp://www.kb.cert.org/vuls/id/261869\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. 
\n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-2631"
},
{
"db": "CERT/CC",
"id": "VU#261869"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002426"
},
{
"db": "BID",
"id": "37152"
},
{
"db": "VULHUB",
"id": "VHN-40077"
},
{
"db": "PACKETSTORM",
"id": "83939"
},
{
"db": "PACKETSTORM",
"id": "83938"
},
{
"db": "PACKETSTORM",
"id": "83953"
},
{
"db": "PACKETSTORM",
"id": "83937"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#261869",
"trust": 4.0
},
{
"db": "NVD",
"id": "CVE-2009-2631",
"trust": 2.8
},
{
"db": "BID",
"id": "37152",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "37786",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "37788",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "37789",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "37696",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2009-3571",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-3569",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-3570",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-3567",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-3568",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1023255",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002426",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200912-055",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20091202 SAME-ORIGIN POLICY BYPASS VULNERABILITIES IN SEVERAL VPN PRODUCTS REPORTED",
"trust": 0.6
},
{
"db": "XF",
"id": "54523",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20060608 SSL VPNS AND SECURITY",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20060609 RE: SSL VPNS AND SECURITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-40077",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83939",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83938",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83953",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83937",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#261869"
},
{
"db": "VULHUB",
"id": "VHN-40077"
},
{
"db": "BID",
"id": "37152"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002426"
},
{
"db": "PACKETSTORM",
"id": "83939"
},
{
"db": "PACKETSTORM",
"id": "83938"
},
{
"db": "PACKETSTORM",
"id": "83953"
},
{
"db": "PACKETSTORM",
"id": "83937"
},
{
"db": "NVD",
"id": "CVE-2009-2631"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-055"
}
]
},
"id": "VAR-200912-0424",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-40077"
}
],
"trust": 0.4611111
},
"last_update_date": "2023-12-18T12:11:26.901000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SSL VPN Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=169937"
}
],
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-055"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-40077"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002426"
},
{
"db": "NVD",
"id": "CVE-2009-2631"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.kb.cert.org/vuls/id/261869"
},
{
"trust": 2.1,
"url": "http://kb.juniper.net/kb15799"
},
{
"trust": 2.1,
"url": "http://www.stonesoft.com/en/support/security_advisories/2009_03_12.html"
},
{
"trust": 2.0,
"url": "http://seclists.org/fulldisclosure/2006/jun/238"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/37152"
},
{
"trust": 1.7,
"url": "http://www.sonicwall.com/us/2123_14882.html"
},
{
"trust": 1.7,
"url": "http://www.sonicwall.com/us/2123_14883.html"
},
{
"trust": 1.7,
"url": "http://www116.nortel.com/pub/repository/clarify/document/2009/50/025367-01.pdf"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2006/jun/269"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2006/jun/270"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1023255"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/37696"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/37786"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/37788"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/37789"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/3567"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/3568"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/3569"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/3570"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/3571"
},
{
"trust": 1.7,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026documentoid=984744"
},
{
"trust": 1.2,
"url": "http://support.citrix.com/article/ctx123610"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/archive/1/508164/100/0/threaded"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54523"
},
{
"trust": 0.8,
"url": "https://developer.mozilla.org/en/same_origin_policy_for_javascript"
},
{
"trust": 0.8,
"url": "https://developer.mozilla.org/en/dom/document.cookie"
},
{
"trust": 0.8,
"url": "http://code.google.com/p/browsersec/wiki/part2#same-origin_policy"
},
{
"trust": 0.8,
"url": "http://www.owasp.org/index.php/category:owasp_cookies_database"
},
{
"trust": 0.8,
"url": "http://www.owasp.org/index.php/testing_for_session_management_schema_(owasp-sm-001)#black_box_testing_and_examples"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/en/us/docs/ios/security/configuration/guide/sec_ssl_vpn.html#wp1404057"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-june/046708.html"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-june/046886.html"
},
{
"trust": 0.8,
"url": "http://www.blackhat.com/presentations/bh-usa-08/zusman/bh_us_08_zusman_ssl_vpn_abuse.pdf"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/en/us/docs/security/asa/asa80/configuration/guide/svc.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2631"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu261869/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2631"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/54523"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/508164/100/0/threaded"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/business_solutions/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/advisories/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://blogs.sun.com/security/entry/portal_server_is_not_vulnerable"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=984744"
},
{
"trust": 0.1,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026amp;documentoid=984744"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/37786/"
},
{
"trust": 0.1,
"url": "https://www.juniper.net/alerts/viewalert.jsp?actionbtn=search\u0026txtalertnumber=psn-2009-11-580\u0026viewmode=view"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/37789/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/37696/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/37788/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#261869"
},
{
"db": "VULHUB",
"id": "VHN-40077"
},
{
"db": "BID",
"id": "37152"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002426"
},
{
"db": "PACKETSTORM",
"id": "83939"
},
{
"db": "PACKETSTORM",
"id": "83938"
},
{
"db": "PACKETSTORM",
"id": "83953"
},
{
"db": "PACKETSTORM",
"id": "83937"
},
{
"db": "NVD",
"id": "CVE-2009-2631"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-055"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#261869"
},
{
"db": "VULHUB",
"id": "VHN-40077"
},
{
"db": "BID",
"id": "37152"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002426"
},
{
"db": "PACKETSTORM",
"id": "83939"
},
{
"db": "PACKETSTORM",
"id": "83938"
},
{
"db": "PACKETSTORM",
"id": "83953"
},
{
"db": "PACKETSTORM",
"id": "83937"
},
{
"db": "NVD",
"id": "CVE-2009-2631"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-055"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-11-30T00:00:00",
"db": "CERT/CC",
"id": "VU#261869"
},
{
"date": "2009-12-04T00:00:00",
"db": "VULHUB",
"id": "VHN-40077"
},
{
"date": "2009-11-30T00:00:00",
"db": "BID",
"id": "37152"
},
{
"date": "2010-01-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002426"
},
{
"date": "2009-12-16T15:35:57",
"db": "PACKETSTORM",
"id": "83939"
},
{
"date": "2009-12-16T15:35:54",
"db": "PACKETSTORM",
"id": "83938"
},
{
"date": "2009-12-16T16:15:46",
"db": "PACKETSTORM",
"id": "83953"
},
{
"date": "2009-12-16T15:35:52",
"db": "PACKETSTORM",
"id": "83937"
},
{
"date": "2009-12-04T11:30:00.437000",
"db": "NVD",
"id": "CVE-2009-2631"
},
{
"date": "2009-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-055"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-06-20T00:00:00",
"db": "CERT/CC",
"id": "VU#261869"
},
{
"date": "2018-10-10T00:00:00",
"db": "VULHUB",
"id": "VHN-40077"
},
{
"date": "2009-12-16T13:53:00",
"db": "BID",
"id": "37152"
},
{
"date": "2010-01-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002426"
},
{
"date": "2018-10-10T19:41:04.607000",
"db": "NVD",
"id": "CVE-2009-2631"
},
{
"date": "2021-11-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-055"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-055"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Clientless SSL VPN products break web browser domain-based security models",
"sources": [
{
"db": "CERT/CC",
"id": "VU#261869"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-055"
}
],
"trust": 0.6
}
}
VAR-200212-0850
Vulnerability from variot - Updated: 2023-12-18 11:47
Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) large number of payloads, or (3) a long payload. Internet Key Exchange (IKE) implementations from several vendors contain buffer overflows and denial-of-service conditions. The buffer overflow vulnerabilities could permit an attacker to execute arbitrary code on a vulnerable system. This is reported to cause the daemon to crash. This issue may be related to the multiple IKE implementation vulnerabilities described in CERT/CC Vulnerability Note VU#287771. Other vendor products are reported to be affected by similar issues. There are currently not enough details available to determine if PGPFreeware is affected by any of these specific issues. This issue was reported in PGPFreeware 7.03 running on Windows NT 4.0 SP6. The Cisco VPN Client is prone to a remotely exploitable buffer overflow condition. It is possible to trigger this condition by sending malformed IKE packets to the client. The overflow occurs when the Security Parameter Index payload of the IKE packet is longer than 16 bytes in length. It is possible that exploitation of this vulnerability may affect availability of the client, resulting in a denial of service condition. This issue is reported to be exploitable when the client software is operating in Aggressive Mode during a phase 1 IKE exchange. This vulnerability affects versions of the client on all platforms. When vulnerable clients receive a specific IKE packet with a zero length payload, the VPN client will consume all available processor time. < Link: http://www.netscreen.com/support/alerts/9_6_02.htm >
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200212-0850",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "netscreen remote security client",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "netscreen remote vpn client",
"scope": "eq",
"trust": 1.6,
"vendor": "juniper",
"version": "8.0"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for solaris",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client for solaris",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "x3.5.2"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "x3.5.1"
},
{
"model": "vpn client for linux",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client for linux",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for windows",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": "3.6"
},
{
"model": "vpn client for solaris",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": "3.6"
},
{
"model": "vpn client for mac os",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": "x3.6"
},
{
"model": "vpn client for linux",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": "3.6"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netscreen",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "network associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pgp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "safenet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonicwall",
"version": null
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.0"
},
{
"model": "netscreen-remote vpn client",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "8.0"
},
{
"model": "netscreen-remote security client",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "8.0"
},
{
"model": "netscreen-remote vpn client",
"scope": "ne",
"trust": 0.3,
"vendor": "netscreen",
"version": "8.1"
},
{
"model": "netscreen-remote security client",
"scope": "ne",
"trust": 0.3,
"vendor": "netscreen",
"version": "8.1"
},
{
"model": "associates pgp freeware",
"scope": "eq",
"trust": 0.3,
"vendor": "network",
"version": "7.0.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "NVD",
"id": "CVE-2002-2223"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-370"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:juniper:netscreen_remote_security_client:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:juniper:netscreen_remote_vpn_client:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2223"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Published in a Cisco Security Advisory. CERT/CC credits Anton Rager of Avaya Communications with discovery.",
"sources": [
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
}
],
"trust": 0.9
},
"cve": "CVE-2002-2223",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-6606",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-2223",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#287771",
"trust": 0.8,
"value": "1.03"
},
{
"author": "CNNVD",
"id": "CNNVD-200212-370",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-6606",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "VULHUB",
"id": "VHN-6606"
},
{
"db": "NVD",
"id": "CVE-2002-2223"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-370"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) large number of payloads, or (3) a long payload. Internet Key Exchange (IKE) implementations from several vendors contain buffer overflows and denial-of-service conditions. The buffer overflow vulnerabilities could permit an attacker to execute arbitrary code on a vulnerable system. This is reported to cause the daemon to crash. \nThis issue may be related to the multiple IKE implementation vulnerabilities described in CERT/CC Vulnerability Note VU#287771. \nOther vendor products are reported to be affected by similar issues. There are currently not enough details available to determine if PGPFreeware is affected by any of these specific issues. \nThis issue was reported in PGPFreeware 7.03 running on Windows NT 4.0 SP6. The Cisco VPN Client is prone to a remotely exploitable buffer overflow condition. It is possible to trigger this condition by sending malformed IKE packets to the client. The overflow occurs when the Security Parameter Index payload of the IKE packet is longer than 16 bytes in length. It is possible that exploitation of this vulnerability may affect availability of the client, resulting in a denial of service condition. \nThis issue is reported to be exploitable when the client software is operating in Aggressive Mode during a phase 1 IKE exchange. \nThis vulnerability affects versions of the client on all platforms. \nWhen vulnerable clients receive a specific IKE packet with a zero length payload, the VPN client will consume all available processor time. \u003c *Link: http://www.netscreen.com/support/alerts/9_6_02.htm* \u003e",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2223"
},
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "VULHUB",
"id": "VHN-6606"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#287771",
"trust": 4.0
},
{
"db": "BID",
"id": "5668",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2002-2223",
"trust": 1.7
},
{
"db": "BID",
"id": "5440",
"trust": 1.1
},
{
"db": "BID",
"id": "5449",
"trust": 1.1
},
{
"db": "BID",
"id": "5443",
"trust": 1.1
},
{
"db": "BID",
"id": "5441",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-200212-370",
"trust": 0.7
},
{
"db": "XF",
"id": "9850",
"trust": 0.6
},
{
"db": "NSFOCUS",
"id": "3476",
"trust": 0.6
},
{
"db": "BID",
"id": "5589",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-6606",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "VULHUB",
"id": "VHN-6606"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "NVD",
"id": "CVE-2002-2223"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-370"
}
]
},
"id": "VAR-200212-0850",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-6606"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:47:28.053000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-2223"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.kb.cert.org/vuls/id/287771"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/5668"
},
{
"trust": 2.0,
"url": "http://www.netscreen.com/support/alerts/9_6_02.htm"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9850"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/html.charters/ipsec-charter.html"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2408.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2409.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2412.txt"
},
{
"trust": 0.8,
"url": "http://www.vpnc.org/"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/bid/5440"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/bid/5441"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/bid/5443"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/5449"
},
{
"trust": 0.8,
"url": "http://ikecrack.sourceforge.net/"
},
{
"trust": 0.8,
"url": "http://www.nta-monitor.com/ike-scan/"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/9850"
},
{
"trust": 0.6,
"url": "http://www.nsfocus.net/vulndb/3476"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata.html#isakmpd"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "VULHUB",
"id": "VHN-6606"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "NVD",
"id": "CVE-2002-2223"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-370"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "VULHUB",
"id": "VHN-6606"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "NVD",
"id": "CVE-2002-2223"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-370"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-08-12T00:00:00",
"db": "CERT/CC",
"id": "VU#287771"
},
{
"date": "2002-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-6606"
},
{
"date": "2002-07-05T00:00:00",
"db": "BID",
"id": "5589"
},
{
"date": "2002-09-07T00:00:00",
"db": "BID",
"id": "5668"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5449"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5441"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5443"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5440"
},
{
"date": "2002-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2002-2223"
},
{
"date": "2002-09-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-370"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#287771"
},
{
"date": "2017-07-29T00:00:00",
"db": "VULHUB",
"id": "VHN-6606"
},
{
"date": "2002-07-05T00:00:00",
"db": "BID",
"id": "5589"
},
{
"date": "2002-09-07T00:00:00",
"db": "BID",
"id": "5668"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5449"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5441"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5443"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5440"
},
{
"date": "2017-07-29T01:29:00.747000",
"db": "NVD",
"id": "CVE-2002-2223"
},
{
"date": "2007-02-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200212-370"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
}
],
"trust": 1.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vendors\u0027 Internet Key Exchange (IKE) implementations do not properly handle IKE response packets",
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "CNNVD",
"id": "CNNVD-200212-370"
}
],
"trust": 1.8
}
}
VAR-200811-0235
Vulnerability from variot - Updated: 2023-12-18 11:14
dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface. Deterministic Network Enhancer (DNE) contains an elevation of privilege vulnerability. As a result, local users may execute arbitrary code with Windows kernel privileges. Deterministic Network Enhancer (DNE), provided by Deterministic Networks, is a product that extends the Microsoft Windows network stack. DNE is used by multiple products, such as Cisco VPN Client. The DNE driver dne2000.sys contains an elevation of privilege vulnerability. For details, refer to the information provided by each vendor. Successful attacks will completely compromise affected computers. DNE 'dne2000.sys' 2.21.7.233 to 3.21.8 are vulnerable; other versions may also be affected. There is a loophole in the implementation of the DNE driver.
The vulnerability is reported in dne2000.sys versions 2.21.7.233 to 3.21.7.17464.
SOLUTION: Grant only trusted users access to affected systems.
PROVIDED AND/OR DISCOVERED BY: mu-b
ORIGINAL ADVISORY: http://www.digit-labs.org/files/exploits/dne2000-call.c
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200811-0235",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "deterministic network enhancer",
"scope": "eq",
"trust": 1.6,
"vendor": "citrix",
"version": "2.21.7.223"
},
{
"model": "deterministic network enhancer",
"scope": "eq",
"trust": 1.6,
"vendor": "citrix",
"version": "3.21.7.17464"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "deterministic",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "safenet",
"version": null
},
{
"model": "deterministic network enhancer",
"scope": "lt",
"trust": 0.8,
"vendor": "citrix",
"version": "dne2000.sys 3.21.12.17902 earlier"
},
{
"model": "highassurance remote",
"scope": null,
"trust": 0.8,
"vendor": "safenet",
"version": null
},
{
"model": "softremote vpn client",
"scope": null,
"trust": 0.8,
"vendor": "safenet",
"version": null
},
{
"model": "vpn client",
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "deterministic network enhancer",
"scope": "eq",
"trust": 0.8,
"vendor": "citrix",
"version": "2.21.7.233 to 3.21.7.17464"
},
{
"model": "winproxy",
"scope": null,
"trust": 0.8,
"vendor": "blue coat",
"version": null
},
{
"model": "deterministic network enhancer",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "3.21.12.17902"
},
{
"model": "deterministic network enhancer",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "3.21.8"
},
{
"model": "deterministic network enhancer",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.21.7.233"
},
{
"model": "deterministic network enhancer",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "2.21.7.17464"
},
{
"model": "deterministic network enhancer",
"scope": "ne",
"trust": 0.3,
"vendor": "citrix",
"version": "3.21.9"
},
{
"model": "vpn client for windows",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0.3.0530"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#858993"
},
{
"db": "BID",
"id": "29772"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001884"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003645"
},
{
"db": "NVD",
"id": "CVE-2008-5121"
},
{
"db": "CNNVD",
"id": "CNNVD-200811-282"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:citrix:deterministic_network_enhancer:3.21.7.17464:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:citrix:deterministic_network_enhancer:2.21.7.223:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:vpn_client:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:safenet:highassurance_remote:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:bluecoat:winproxy:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:a:safenet:softremote_vpn_client:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-5121"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "mu-b mu-b@digit-labs.org",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200811-282"
}
],
"trust": 0.6
},
"cve": "CVE-2008-5121",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2008-5121",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-35246",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-5121",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#858993",
"trust": 0.8,
"value": "22.50"
},
{
"author": "CNNVD",
"id": "CNNVD-200811-282",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-35246",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#858993"
},
{
"db": "VULHUB",
"id": "VHN-35246"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003645"
},
{
"db": "NVD",
"id": "CVE-2008-5121"
},
{
"db": "CNNVD",
"id": "CNNVD-200811-282"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\\\.\\DNE device interface. Deterministic Network Enhancer (DNE) Contains an elevation of privilege vulnerability. As a result, local users Windows Arbitrary code may be executed with kernel privileges. Deterministic Networks Provided by Deterministic Network Enhancer (DNE) Is Microsoft Windows This product is an extension of the network stack. DNE Is Cisco VPN Client It is used by multiple products. DNE Driver dne2000.sys Contains an elevation of privilege vulnerability. For details, refer to the information provided by each vendor.Local users Windows Arbitrary code may be executed with kernel privileges. Successful attacks will completely compromise affected computers. \nDNE \u0027dne2000.sys\u0027 2.21.7.233 to 3.21.8 are vulnerable; other versions may also be affected. There is a loophole in the implementation of the DNE driver. \n\nThe vulnerability is reported in dne2000.sys versions 2.21.7.233 to\n3.21.7.17464. \n\nSOLUTION:\nGrant only trusted users access to affected systems. \n\nPROVIDED AND/OR DISCOVERED BY:\nmu-b\n\nORIGINAL ADVISORY:\nhttp://www.digit-labs.org/files/exploits/dne2000-call.c\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-5121"
},
{
"db": "CERT/CC",
"id": "VU#858993"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001884"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003645"
},
{
"db": "BID",
"id": "29772"
},
{
"db": "VULHUB",
"id": "VHN-35246"
},
{
"db": "PACKETSTORM",
"id": "67460"
},
{
"db": "PACKETSTORM",
"id": "67431"
},
{
"db": "PACKETSTORM",
"id": "67433"
},
{
"db": "PACKETSTORM",
"id": "67449"
}
],
"trust": 3.78
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-35246",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-35246"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#858993",
"trust": 4.4
},
{
"db": "NVD",
"id": "CVE-2008-5121",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "30747",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "30744",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "30753",
"trust": 2.6
},
{
"db": "SECUNIA",
"id": "30728",
"trust": 2.6
},
{
"db": "BID",
"id": "29772",
"trust": 2.0
},
{
"db": "VUPEN",
"id": "ADV-2008-1867",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1868",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1866",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-1865",
"trust": 1.7
},
{
"db": "SREASON",
"id": "4600",
"trust": 1.7
},
{
"db": "EXPLOIT-DB",
"id": "5837",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001884",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003645",
"trust": 0.8
},
{
"db": "MISC",
"id": "HTTP://WWW.DIGIT-LABS.ORG/FILES/EXPLOITS/DNE2000-CALL.C",
"trust": 0.6
},
{
"db": "XF",
"id": "43153",
"trust": 0.6
},
{
"db": "XF",
"id": "2000",
"trust": 0.6
},
{
"db": "MILW0RM",
"id": "5837",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200811-282",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-35246",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "67460",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "67431",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "67433",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "67449",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#858993"
},
{
"db": "VULHUB",
"id": "VHN-35246"
},
{
"db": "BID",
"id": "29772"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001884"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003645"
},
{
"db": "PACKETSTORM",
"id": "67460"
},
{
"db": "PACKETSTORM",
"id": "67431"
},
{
"db": "PACKETSTORM",
"id": "67433"
},
{
"db": "PACKETSTORM",
"id": "67449"
},
{
"db": "NVD",
"id": "CVE-2008-5121"
},
{
"db": "CNNVD",
"id": "CNNVD-200811-282"
}
]
},
"id": "VAR-200811-0235",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-35246"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T11:14:00.378000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "DNE Support",
"trust": 0.8,
"url": "http://www.citrix.com/lang/english/lp/lp_1680845.asp"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.bluecoat.com/"
},
{
"title": "VPN Client",
"trust": 0.8,
"url": "http://www.cisco.com/univercd/cc/td/doc/product/vpn/client/"
},
{
"title": "CTX117751",
"trust": 0.8,
"url": "http://support.citrix.com/article/ctx117751"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.safenet-inc.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-001884"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003645"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-35246"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003645"
},
{
"db": "NVD",
"id": "CVE-2008-5121"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.6,
"url": "http://www.kb.cert.org/vuls/id/858993"
},
{
"trust": 2.9,
"url": "http://www.digit-labs.org/files/exploits/dne2000-call.c"
},
{
"trust": 2.4,
"url": "http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails\u0026bugid=cscsm25860"
},
{
"trust": 2.0,
"url": "http://support.citrix.com/article/ctx117751"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/29772"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30728"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30744"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30747"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/30753"
},
{
"trust": 1.7,
"url": "http://securityreason.com/securityalert/4600"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1865"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1866"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1867"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2008/1868"
},
{
"trust": 1.2,
"url": "http://secunia.com/advisories/30728/"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/5837"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43153"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/30753/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/30744/"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/30747/"
},
{
"trust": 0.8,
"url": "http://www.deterministicnetworks.com/support/dnesupport.asp"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu858993/"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-5121"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-5121"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/43153"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/5837"
},
{
"trust": 0.4,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.4,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.4,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.4,
"url": "http://secunia.com/secunia_security_specialist/"
},
{
"trust": 0.4,
"url": "http://corporate.secunia.com/about_secunia/64/"
},
{
"trust": 0.4,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.3,
"url": "http://www.citrix.com"
},
{
"trust": 0.3,
"url": "http://www.deterministicnetworks.com/products/dne.asp"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails\u0026amp;bugid=cscsm25860"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1122/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1121/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6750/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/1574/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14325/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/123/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/124/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/14465/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/17450/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/9097/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/19105/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/19106/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#858993"
},
{
"db": "VULHUB",
"id": "VHN-35246"
},
{
"db": "BID",
"id": "29772"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001884"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003645"
},
{
"db": "PACKETSTORM",
"id": "67460"
},
{
"db": "PACKETSTORM",
"id": "67431"
},
{
"db": "PACKETSTORM",
"id": "67433"
},
{
"db": "PACKETSTORM",
"id": "67449"
},
{
"db": "NVD",
"id": "CVE-2008-5121"
},
{
"db": "CNNVD",
"id": "CNNVD-200811-282"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#858993"
},
{
"db": "VULHUB",
"id": "VHN-35246"
},
{
"db": "BID",
"id": "29772"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-001884"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-003645"
},
{
"db": "PACKETSTORM",
"id": "67460"
},
{
"db": "PACKETSTORM",
"id": "67431"
},
{
"db": "PACKETSTORM",
"id": "67433"
},
{
"db": "PACKETSTORM",
"id": "67449"
},
{
"db": "NVD",
"id": "CVE-2008-5121"
},
{
"db": "CNNVD",
"id": "CNNVD-200811-282"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-06-18T00:00:00",
"db": "CERT/CC",
"id": "VU#858993"
},
{
"date": "2008-11-18T00:00:00",
"db": "VULHUB",
"id": "VHN-35246"
},
{
"date": "2008-06-17T00:00:00",
"db": "BID",
"id": "29772"
},
{
"date": "2008-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001884"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-003645"
},
{
"date": "2008-06-18T23:41:53",
"db": "PACKETSTORM",
"id": "67460"
},
{
"date": "2008-06-18T21:15:54",
"db": "PACKETSTORM",
"id": "67431"
},
{
"date": "2008-06-18T21:15:54",
"db": "PACKETSTORM",
"id": "67433"
},
{
"date": "2008-06-18T21:55:50",
"db": "PACKETSTORM",
"id": "67449"
},
{
"date": "2008-11-18T00:30:00.517000",
"db": "NVD",
"id": "CVE-2008-5121"
},
{
"date": "2008-06-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200811-282"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-06-27T00:00:00",
"db": "CERT/CC",
"id": "VU#858993"
},
{
"date": "2017-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-35246"
},
{
"date": "2015-04-16T17:59:00",
"db": "BID",
"id": "29772"
},
{
"date": "2008-11-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-001884"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-003645"
},
{
"date": "2017-09-29T01:32:28.930000",
"db": "NVD",
"id": "CVE-2008-5121"
},
{
"date": "2009-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200811-282"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "29772"
},
{
"db": "PACKETSTORM",
"id": "67460"
},
{
"db": "PACKETSTORM",
"id": "67431"
},
{
"db": "PACKETSTORM",
"id": "67433"
},
{
"db": "PACKETSTORM",
"id": "67449"
},
{
"db": "CNNVD",
"id": "CNNVD-200811-282"
}
],
"trust": 1.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Deterministic Network Enhancer privilege escalation vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#858993"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200811-282"
}
],
"trust": 0.6
}
}
VAR-200209-0033
Vulnerability from variot - Updated: 2023-12-18 10:59
Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload. Internet Key Exchange (IKE) implementations from several vendors contain buffer overflows and denial-of-service conditions. The buffer overflow vulnerabilities could permit an attacker to execute arbitrary code on a vulnerable system. This is reported to cause the daemon to crash. This issue may be related to the multiple IKE implementation vulnerabilities described in CERT/CC Vulnerability Note VU#287771. Other vendor products are reported to be affected by similar issues. There are currently not enough details available to determine if PGPFreeware is affected by any of these specific issues. This issue was reported in PGPFreeware 7.03 running on Windows NT 4.0 SP6. The Cisco VPN Client is prone to a remotely exploitable buffer overflow condition. It is possible to trigger this condition by sending malformed IKE packets to the client. The overflow occurs when the Security Parameter Index payload of the IKE packet is longer than 16 bytes in length. It is possible that exploitation of this vulnerability may affect availability of the client, resulting in a denial of service condition. This issue is reported to be exploitable when the client software is operating in Aggressive Mode during a phase 1 IKE exchange. This vulnerability affects versions of the client on all platforms. When vulnerable clients receive a specific IKE packet with a zero length payload, the VPN client will consume all available processor time. The Cisco bug ID for these vulnerabilities is CSCdy26045
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200209-0033",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vpn client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for solaris",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client for solaris",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "x3.5.2"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "x3.5.1"
},
{
"model": "vpn client for linux",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client for linux",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for windows",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": "3.6"
},
{
"model": "vpn client for solaris",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": "3.6"
},
{
"model": "vpn client for mac os",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": "x3.6"
},
{
"model": "vpn client for linux",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": "3.6"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netscreen",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "network associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pgp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "safenet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonicwall",
"version": null
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.0"
},
{
"model": "netscreen-remote vpn client",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "8.0"
},
{
"model": "netscreen-remote security client",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "8.0"
},
{
"model": "netscreen-remote vpn client",
"scope": "ne",
"trust": 0.3,
"vendor": "netscreen",
"version": "8.1"
},
{
"model": "netscreen-remote security client",
"scope": "ne",
"trust": 0.3,
"vendor": "netscreen",
"version": "8.1"
},
{
"model": "associates pgp freeware",
"scope": "eq",
"trust": 0.3,
"vendor": "network",
"version": "7.0.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "NVD",
"id": "CVE-2002-0853"
},
{
"db": "CNNVD",
"id": "CNNVD-200209-021"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:mac_os_x:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:linux:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:solaris:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:windows:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:mac_os_x:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0853"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Published in a Cisco Security Advisory. CERT/CC credits Anton Rager of Avaya Communications with discovery.",
"sources": [
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
}
],
"trust": 0.9
},
"cve": "CVE-2002-0853",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-5244",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2002-0853",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#287771",
"trust": 0.8,
"value": "1.03"
},
{
"author": "CNNVD",
"id": "CNNVD-200209-021",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-5244",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "VULHUB",
"id": "VHN-5244"
},
{
"db": "NVD",
"id": "CVE-2002-0853"
},
{
"db": "CNNVD",
"id": "CNNVD-200209-021"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload. Internet Key Exchange (IKE) implementations from several vendors contain buffer overflows and denial-of-service conditions. The buffer overflow vulnerabilities could permit an attacker to execute arbitrary code on a vulnerable system. This is reported to cause the daemon to crash. \nThis issue may be related to the multiple IKE implementation vulnerabilities described in CERT/CC Vulnerability Note VU#287771. \nOther vendor products are reported to be affected by similar issues. There are currently not enough details available to determine if PGPFreeware is affected by any of these specific issues. \nThis issue was reported in PGPFreeware 7.03 running on Windows NT 4.0 SP6. The Cisco VPN Client is prone to a remotely exploitable buffer overflow condition. It is possible to trigger this condition by sending malformed IKE packets to the client. The overflow occurs when the Security Parameter Index payload of the IKE packet is longer than 16 bytes in length. It is possible that exploitation of this vulnerability may affect availability of the client, resulting in a denial of service condition. \nThis issue is reported to be exploitable when the client software is operating in Aggressive Mode during a phase 1 IKE exchange. \nThis vulnerability affects versions of the client on all platforms. \nWhen vulnerable clients receive a specific IKE packet with a zero length payload, the VPN client will consume all available processor time. The Cisco bug ID for these vulnerabilities is CSCdy26045",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0853"
},
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "VULHUB",
"id": "VHN-5244"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#287771",
"trust": 4.0
},
{
"db": "BID",
"id": "5440",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2002-0853",
"trust": 1.7
},
{
"db": "BID",
"id": "5668",
"trust": 1.1
},
{
"db": "BID",
"id": "5449",
"trust": 1.1
},
{
"db": "BID",
"id": "5443",
"trust": 1.1
},
{
"db": "BID",
"id": "5441",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-200209-021",
"trust": 0.7
},
{
"db": "XF",
"id": "9821",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20020812 CISCO VPN CLIENT MULTIPLE VULNERABILITIES",
"trust": 0.6
},
{
"db": "BID",
"id": "5589",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-5244",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "VULHUB",
"id": "VHN-5244"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "NVD",
"id": "CVE-2002-0853"
},
{
"db": "CNNVD",
"id": "CNNVD-200209-021"
}
]
},
"id": "VAR-200209-0033",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5244"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T10:59:26.473000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0853"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.2,
"url": "http://www.kb.cert.org/vuls/id/287771"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5440"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/warp/public/707/vpnclient-multiple-vuln-pub.shtml"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/9821.php"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/html.charters/ipsec-charter.html"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2408.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2409.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2412.txt"
},
{
"trust": 0.8,
"url": "http://www.vpnc.org/"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/bid/5440"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/bid/5441"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/bid/5443"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/5449"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/5668"
},
{
"trust": 0.8,
"url": "http://ikecrack.sourceforge.net/"
},
{
"trust": 0.8,
"url": "http://www.nta-monitor.com/ike-scan/"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata.html#isakmpd"
},
{
"trust": 0.3,
"url": "http://www.netscreen.com/support/alerts/9_6_02.htm"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "VULHUB",
"id": "VHN-5244"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "NVD",
"id": "CVE-2002-0853"
},
{
"db": "CNNVD",
"id": "CNNVD-200209-021"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "VULHUB",
"id": "VHN-5244"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "NVD",
"id": "CVE-2002-0853"
},
{
"db": "CNNVD",
"id": "CNNVD-200209-021"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-08-12T00:00:00",
"db": "CERT/CC",
"id": "VU#287771"
},
{
"date": "2002-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-5244"
},
{
"date": "2002-07-05T00:00:00",
"db": "BID",
"id": "5589"
},
{
"date": "2002-09-07T00:00:00",
"db": "BID",
"id": "5668"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5449"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5441"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5443"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5440"
},
{
"date": "2002-09-05T04:00:00",
"db": "NVD",
"id": "CVE-2002-0853"
},
{
"date": "2002-08-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200209-021"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#287771"
},
{
"date": "2008-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-5244"
},
{
"date": "2002-07-05T00:00:00",
"db": "BID",
"id": "5589"
},
{
"date": "2002-09-07T00:00:00",
"db": "BID",
"id": "5668"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5449"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5441"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5443"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5440"
},
{
"date": "2008-09-10T19:13:01.820000",
"db": "NVD",
"id": "CVE-2002-0853"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200209-021"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
}
],
"trust": 1.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vendors\u0027 Internet Key Exchange (IKE) implementations do not properly handle IKE response packets",
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
}
],
"trust": 1.2
}
}
VAR-200312-0020
Vulnerability from variot - Updated: 2023-12-18 10:48
SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload. Internet Key Exchange (IKE) implementations from several vendors contain buffer overflows and denial-of-service conditions. The buffer overflow vulnerabilities could permit an attacker to execute arbitrary code on a vulnerable system. SonicWALL Firmware is prone to a denial-of-service vulnerability. This is reported to cause the daemon to crash. This issue may be related to the multiple IKE implementation vulnerabilities described in CERT/CC Vulnerability Note VU#287771. Other vendor products are reported to be affected by similar issues. There are currently not enough details available to determine if PGPFreeware is affected by any of these specific issues. This issue was reported in PGPFreeware 7.03 running on Windows NT 4.0 SP6. The Cisco VPN Client is prone to a remotely exploitable buffer overflow condition. It is possible to trigger this condition by sending malformed IKE packets to the client. The overflow occurs when the Security Parameter Index payload of the IKE packet is longer than 16 bytes in length. It is possible that exploitation of this vulnerability may affect availability of the client, resulting in a denial of service condition. This issue is reported to be exploitable when the client software is operating in Aggressive Mode during a phase 1 IKE exchange. This vulnerability affects versions of the client on all platforms. When vulnerable clients receive a specific IKE packet with a zero length payload, the VPN client will consume all available processor time. Previous versions of SonicWALL firmware were vulnerable
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200312-0020",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "",
"scope": "lte",
"trust": 1.0,
"vendor": "sonicwall",
"version": "6.4.0.1"
},
{
"model": "",
"scope": "eq",
"trust": 0.9,
"vendor": "sonicwall",
"version": "6.4.0.1"
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for solaris",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client for solaris",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "x3.5.2"
},
{
"model": "vpn client for mac os",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "x3.5.1"
},
{
"model": "vpn client for linux",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "vpn client for linux",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "3.5.1"
},
{
"model": "vpn client for windows",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": "3.6"
},
{
"model": "vpn client for solaris",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": "3.6"
},
{
"model": "vpn client for mac os",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": "x3.6"
},
{
"model": "vpn client for linux",
"scope": "ne",
"trust": 0.9,
"vendor": "cisco",
"version": "3.6"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netscreen",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "network associates",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "pgp",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "safenet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sonicwall",
"version": null
},
{
"model": "vpn client for windows",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "3.5.2"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "3.0"
},
{
"model": "netscreen-remote vpn client",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "8.0"
},
{
"model": "netscreen-remote security client",
"scope": "eq",
"trust": 0.3,
"vendor": "netscreen",
"version": "8.0"
},
{
"model": "netscreen-remote vpn client",
"scope": "ne",
"trust": 0.3,
"vendor": "netscreen",
"version": "8.1"
},
{
"model": "netscreen-remote security client",
"scope": "ne",
"trust": 0.3,
"vendor": "netscreen",
"version": "8.1"
},
{
"model": "associates pgp freeware",
"scope": "eq",
"trust": 0.3,
"vendor": "network",
"version": "7.0.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "BID",
"id": "78313"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "NVD",
"id": "CVE-2003-1320"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-168"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:sonicwall:firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.4.0.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1320"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Published in a Cisco Security Advisory. CERT/CC credits Anton Rager of Avaya Communications with discovery.",
"sources": [
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
}
],
"trust": 0.9
},
"cve": "CVE-2003-1320",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 4.9,
"id": "VHN-8145",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2003-1320",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#287771",
"trust": 0.8,
"value": "1.03"
},
{
"author": "CNNVD",
"id": "CNNVD-200312-168",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-8145",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "VULHUB",
"id": "VHN-8145"
},
{
"db": "NVD",
"id": "CVE-2003-1320"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-168"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload. Internet Key Exchange (IKE) implementations from several vendors contain buffer overflows and denial-of-service conditions. The buffer overflow vulnerabilities could permit an attacker to execute arbitrary code on a vulnerable system. SonicWALL Firmware is prone to a denial-of-service vulnerability. This is reported to cause the daemon to crash. \nThis issue may be related to the multiple IKE implementation vulnerabilities described in CERT/CC Vulnerability Note VU#287771. \nOther vendor products are reported to be affected by similar issues. There are currently not enough details available to determine if PGPFreeware is affected by any of these specific issues. \nThis issue was reported in PGPFreeware 7.03 running on Windows NT 4.0 SP6. The Cisco VPN Client is prone to a remotely exploitable buffer overflow condition. It is possible to trigger this condition by sending malformed IKE packets to the client. The overflow occurs when the Security Parameter Index payload of the IKE packet is longer than 16 bytes in length. It is possible that exploitation of this vulnerability may affect availability of the client, resulting in a denial of service condition. \nThis issue is reported to be exploitable when the client software is operating in Aggressive Mode during a phase 1 IKE exchange. \nThis vulnerability affects versions of the client on all platforms. \nWhen vulnerable clients receive a specific IKE packet with a zero length payload, the VPN client will consume all available processor time. Previous versions of SonicWALL firmware were vulnerable",
"sources": [
{
"db": "NVD",
"id": "CVE-2003-1320"
},
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "BID",
"id": "78313"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "VULHUB",
"id": "VHN-8145"
}
],
"trust": 3.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#287771",
"trust": 4.3
},
{
"db": "NVD",
"id": "CVE-2003-1320",
"trust": 2.0
},
{
"db": "BID",
"id": "5440",
"trust": 1.1
},
{
"db": "BID",
"id": "5668",
"trust": 1.1
},
{
"db": "BID",
"id": "5449",
"trust": 1.1
},
{
"db": "BID",
"id": "5443",
"trust": 1.1
},
{
"db": "BID",
"id": "5441",
"trust": 1.1
},
{
"db": "CNNVD",
"id": "CNNVD-200312-168",
"trust": 0.6
},
{
"db": "BID",
"id": "78313",
"trust": 0.4
},
{
"db": "BID",
"id": "5589",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-8145",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "VULHUB",
"id": "VHN-8145"
},
{
"db": "BID",
"id": "78313"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "NVD",
"id": "CVE-2003-1320"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-168"
}
]
},
"id": "VAR-200312-0020",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-8145"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T10:48:14.323000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-8145"
},
{
"db": "NVD",
"id": "CVE-2003-1320"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.5,
"url": "http://www.kb.cert.org/vuls/id/287771"
},
{
"trust": 2.0,
"url": "http://www.kb.cert.org/vuls/id/aamn-5l74vd"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/html.charters/ipsec-charter.html"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2408.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2409.txt"
},
{
"trust": 0.8,
"url": "http://www.ietf.org/rfc/rfc2412.txt"
},
{
"trust": 0.8,
"url": "http://www.vpnc.org/"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/bid/5440"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/bid/5441"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/bid/5443"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/5449"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/5668"
},
{
"trust": 0.8,
"url": "http://ikecrack.sourceforge.net/"
},
{
"trust": 0.8,
"url": "http://www.nta-monitor.com/ike-scan/"
},
{
"trust": 0.3,
"url": "http://www.openbsd.org/errata.html#isakmpd"
},
{
"trust": 0.3,
"url": "http://www.netscreen.com/support/alerts/9_6_02.htm"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "VULHUB",
"id": "VHN-8145"
},
{
"db": "BID",
"id": "78313"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "NVD",
"id": "CVE-2003-1320"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-168"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#287771"
},
{
"db": "VULHUB",
"id": "VHN-8145"
},
{
"db": "BID",
"id": "78313"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
},
{
"db": "NVD",
"id": "CVE-2003-1320"
},
{
"db": "CNNVD",
"id": "CNNVD-200312-168"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-08-12T00:00:00",
"db": "CERT/CC",
"id": "VU#287771"
},
{
"date": "2003-12-31T00:00:00",
"db": "VULHUB",
"id": "VHN-8145"
},
{
"date": "2003-12-31T00:00:00",
"db": "BID",
"id": "78313"
},
{
"date": "2002-07-05T00:00:00",
"db": "BID",
"id": "5589"
},
{
"date": "2002-09-07T00:00:00",
"db": "BID",
"id": "5668"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5449"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5441"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5443"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5440"
},
{
"date": "2003-12-31T05:00:00",
"db": "NVD",
"id": "CVE-2003-1320"
},
{
"date": "2003-12-31T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-168"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2004-02-09T00:00:00",
"db": "CERT/CC",
"id": "VU#287771"
},
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-8145"
},
{
"date": "2003-12-31T00:00:00",
"db": "BID",
"id": "78313"
},
{
"date": "2002-07-05T00:00:00",
"db": "BID",
"id": "5589"
},
{
"date": "2002-09-07T00:00:00",
"db": "BID",
"id": "5668"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5449"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5441"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5443"
},
{
"date": "2002-08-12T00:00:00",
"db": "BID",
"id": "5440"
},
{
"date": "2008-09-05T20:36:37.667000",
"db": "NVD",
"id": "CVE-2003-1320"
},
{
"date": "2007-03-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200312-168"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "78313"
},
{
"db": "BID",
"id": "5589"
},
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
},
{
"db": "BID",
"id": "5440"
}
],
"trust": 2.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Multiple vendors\u0027 Internet Key Exchange (IKE) implementations do not properly handle IKE response packets",
"sources": [
{
"db": "CERT/CC",
"id": "VU#287771"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "5668"
},
{
"db": "BID",
"id": "5449"
},
{
"db": "BID",
"id": "5441"
},
{
"db": "BID",
"id": "5443"
}
],
"trust": 1.2
}
}
CVE-2008-0760 (GCVE-0-2008-0760)
Vulnerability from nvd – Published: 2008-02-13 20:00 – Updated: 2024-08-07 07:54
- n/a
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/27735 | vdb-entry, x_refsource_BID |
| http://www.securityfocus.com/archive/1/487954/100… | mailing-list, x_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/3646 | third-party-advisory, x_refsource_SREASON |
| http://aluigi.altervista.org/adv/sentinella-adv.txt | x_refsource_MISC |
| http://secunia.com/advisories/28863 | third-party-advisory, x_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2008/0499 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:23.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27735",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27735"
},
{
"name": "20080211 Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487954/100/0/threaded"
},
{
"name": "3646",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3646"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/sentinella-adv.txt"
},
{
"name": "28863",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28863"
},
{
"name": "ADV-2008-0499",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0499"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27735",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27735"
},
{
"name": "20080211 Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487954/100/0/threaded"
},
{
"name": "3646",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3646"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/sentinella-adv.txt"
},
{
"name": "28863",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28863"
},
{
"name": "ADV-2008-0499",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0499"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0760",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27735",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27735"
},
{
"name": "20080211 Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487954/100/0/threaded"
},
{
"name": "3646",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3646"
},
{
"name": "http://aluigi.altervista.org/adv/sentinella-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/sentinella-adv.txt"
},
{
"name": "28863",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28863"
},
{
"name": "ADV-2008-0499",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0499"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0760",
"datePublished": "2008-02-13T20:00:00.000Z",
"dateReserved": "2008-02-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:54:23.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0573 (GCVE-0-2008-0573)
Vulnerability from nvd – Published: 2008-02-05 01:00 – Updated: 2024-08-07 07:46
- n/a
| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/5004 | exploit, x_refsource_EXPLOIT-DB |
| http://www.vupen.com/english/advisories/2008/0333 | vdb-entry, x_refsource_VUPEN |
| http://secunia.com/advisories/28701 | third-party-advisory, x_refsource_SECUNIA |
| http://www.securityfocus.com/bid/27496 | vdb-entry, x_refsource_BID |
| http://www.securitytracker.com/id?1019282 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:55.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5004"
},
{
"name": "ADV-2008-0333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0333"
},
{
"name": "28701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28701"
},
{
"name": "27496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27496"
},
{
"name": "1019282",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019282"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRV_IOCTL IOCTL request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5004"
},
{
"name": "ADV-2008-0333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0333"
},
{
"name": "28701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28701"
},
{
"name": "27496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27496"
},
{
"name": "1019282",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019282"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0573",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRV_IOCTL IOCTL request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5004",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5004"
},
{
"name": "ADV-2008-0333",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0333"
},
{
"name": "28701",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28701"
},
{
"name": "27496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27496"
},
{
"name": "1019282",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019282"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0573",
"datePublished": "2008-02-05T01:00:00.000Z",
"dateReserved": "2008-02-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:46:55.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6483 (GCVE-0-2007-6483)
Vulnerability from nvd – Published: 2007-12-20 20:00 – Updated: 2024-08-07 16:11
- n/a
| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01 | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry, x_refsource_XF |
| http://www.securityfocus.com/archive/1/484224/100… | mailing-list, x_refsource_BUGTRAQ |
| http://safenet-inc.com/support/files/SPI740Securi… | x_refsource_CONFIRM |
| http://securityreason.com/securityalert/3471 | third-party-advisory, x_refsource_SREASON |
| http://www.securityfocus.com/bid/26583 | vdb-entry, x_refsource_BID |
| http://secunia.com/advisories/27811 | third-party-advisory, x_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2007/4011 | vdb-entry, x_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/484201/100… | mailing-list, x_refsource_BUGTRAQ |
| http://www.securitytracker.com/id?1018992 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:06.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01"
},
{
"name": "sentinel-protection-directory-traversal(38636)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38636"
},
{
"name": "20071126 Directory Traversal in SafeNet Sentinel Protection Server and Keys Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/484224/100/200/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip"
},
{
"name": "3471",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3471"
},
{
"name": "26583",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26583"
},
{
"name": "27811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27811"
},
{
"name": "ADV-2007-4011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4011"
},
{
"name": "20071126 2007-06 Sentinel Protection Server Directory Traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/484201/100/200/threaded"
},
{
"name": "1018992",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018992"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01"
},
{
"name": "sentinel-protection-directory-traversal(38636)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38636"
},
{
"name": "20071126 Directory Traversal in SafeNet Sentinel Protection Server and Keys Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/484224/100/200/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip"
},
{
"name": "3471",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3471"
},
{
"name": "26583",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26583"
},
{
"name": "27811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27811"
},
{
"name": "ADV-2007-4011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4011"
},
{
"name": "20071126 2007-06 Sentinel Protection Server Directory Traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/484201/100/200/threaded"
},
{
"name": "1018992",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018992"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01"
},
{
"name": "sentinel-protection-directory-traversal(38636)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38636"
},
{
"name": "20071126 Directory Traversal in SafeNet Sentinel Protection Server and Keys Server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484224/100/200/threaded"
},
{
"name": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip",
"refsource": "CONFIRM",
"url": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip"
},
{
"name": "3471",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3471"
},
{
"name": "26583",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26583"
},
{
"name": "27811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27811"
},
{
"name": "ADV-2007-4011",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4011"
},
{
"name": "20071126 2007-06 Sentinel Protection Server Directory Traversal",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484201/100/200/threaded"
},
{
"name": "1018992",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018992"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6483",
"datePublished": "2007-12-20T20:00:00.000Z",
"dateReserved": "2007-12-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:06.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3157 (GCVE-0-2007-3157)
Vulnerability from nvd – Published: 2007-06-11 22:00 – Updated: 2024-08-07 14:05
- n/a

| URL | Tags |
|---|---|
| http://www.digit-labs.org/files/exploits/safenet-dos.c | x_refsource_MISC |
| http://osvdb.org/37137 | vdb-entry, x_refsource_OSVDB |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-list, x_refsource_FULLDISC |
| http://secunia.com/advisories/25574 | third-party-advisory, x_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry, x_refsource_XF |
| http://securityreason.com/securityalert/2803 | third-party-advisory, x_refsource_SREASON |
| http://www.securityfocus.com/bid/24385 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:05:29.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.digit-labs.org/files/exploits/safenet-dos.c"
},
{
"name": "37137",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37137"
},
{
"name": "20070608 SafeNET High Assurance Remote/SoftRemote (IPSecDrv.sys) remote DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063859.html"
},
{
"name": "25574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25574"
},
{
"name": "safenet-ipsecdrv-dos(34775)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34775"
},
{
"name": "2803",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2803"
},
{
"name": "24385",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.digit-labs.org/files/exploits/safenet-dos.c"
},
{
"name": "37137",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37137"
},
{
"name": "20070608 SafeNET High Assurance Remote/SoftRemote (IPSecDrv.sys) remote DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063859.html"
},
{
"name": "25574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25574"
},
{
"name": "safenet-ipsecdrv-dos(34775)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34775"
},
{
"name": "2803",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2803"
},
{
"name": "24385",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24385"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3157",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.digit-labs.org/files/exploits/safenet-dos.c",
"refsource": "MISC",
"url": "http://www.digit-labs.org/files/exploits/safenet-dos.c"
},
{
"name": "37137",
"refsource": "OSVDB",
"url": "http://osvdb.org/37137"
},
{
"name": "20070608 SafeNET High Assurance Remote/SoftRemote (IPSecDrv.sys) remote DoS",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063859.html"
},
{
"name": "25574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25574"
},
{
"name": "safenet-ipsecdrv-dos(34775)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34775"
},
{
"name": "2803",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2803"
},
{
"name": "24385",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24385"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3157",
"datePublished": "2007-06-11T22:00:00.000Z",
"dateReserved": "2007-06-11T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:05:29.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0346 (GCVE-0-2005-0346)
Vulnerability from nvd – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:13
- n/a

| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry, x_refsource_XF |
| http://marc.info/?l=bugtraq&m=110791865522076&w=2 | mailing-list, x_refsource_BUGTRAQ |
| http://securitytracker.com/id?1013134 | vdb-entry, x_refsource_SECTRACK |
| http://www.nta-monitor.com/news/vpn-flaws/safenet… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:53.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "softremote-vpn-password-disclosure(19256)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19256"
},
{
"name": "20050208 SafeNet SoftRemote VPN Client Issue: Clear-text password",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110791865522076\u0026w=2"
},
{
"name": "1013134",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013134"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/safenet/index.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "softremote-vpn-password-disclosure(19256)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19256"
},
{
"name": "20050208 SafeNet SoftRemote VPN Client Issue: Clear-text password",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110791865522076\u0026w=2"
},
{
"name": "1013134",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013134"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/safenet/index.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "softremote-vpn-password-disclosure(19256)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19256"
},
{
"name": "20050208 SafeNet SoftRemote VPN Client Issue: Clear-text password",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110791865522076\u0026w=2"
},
{
"name": "1013134",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013134"
},
{
"name": "http://www.nta-monitor.com/news/vpn-flaws/safenet/index.htm",
"refsource": "MISC",
"url": "http://www.nta-monitor.com/news/vpn-flaws/safenet/index.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0346",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:13:53.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0353 (GCVE-0-2005-0353)
Vulnerability from nvd – Published: 2005-03-08 05:00 – Updated: 2024-08-07 21:13
- n/a

| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/12742 | vdb-entry, x_refsource_BID |
| http://marc.info/?l=full-disclosure&m=11107287281… | mailing-list, x_refsource_FULLDISC |
| http://secunia.com/advisories/14511 | third-party-advisory, x_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry, x_refsource_XF |
| http://marc.info/?l=bugtraq&m=111022094326772&w=2 | mailing-list, x_refsource_BUGTRAQ |
| http://www.kb.cert.org/vuls/id/108790 | third-party-advisory, x_refsource_CERT-VN |
| http://www.cirt.dk/advisories/cirt-30-advisory.pdf | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "12742",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12742"
},
{
"name": "20050313 [HAT-SQUAD] SafeNet Sentinel LM, UDP License Manager Exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=111072872816405\u0026w=2"
},
{
"name": "14511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14511"
},
{
"name": "sentinel-license-manager-bo(19621)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19621"
},
{
"name": "20050307 CIRT.DK Advisory - SafeNet Inc Sentinel License Manager 7.2.0.2 Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111022094326772\u0026w=2"
},
{
"name": "VU#108790",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/108790"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cirt.dk/advisories/cirt-30-advisory.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "12742",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12742"
},
{
"name": "20050313 [HAT-SQUAD] SafeNet Sentinel LM, UDP License Manager Exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=111072872816405\u0026w=2"
},
{
"name": "14511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14511"
},
{
"name": "sentinel-license-manager-bo(19621)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19621"
},
{
"name": "20050307 CIRT.DK Advisory - SafeNet Inc Sentinel License Manager 7.2.0.2 Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111022094326772\u0026w=2"
},
{
"name": "VU#108790",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/108790"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cirt.dk/advisories/cirt-30-advisory.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2005-0353",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "12742",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12742"
},
{
"name": "20050313 [HAT-SQUAD] SafeNet Sentinel LM, UDP License Manager Exploit",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=111072872816405\u0026w=2"
},
{
"name": "14511",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14511"
},
{
"name": "sentinel-license-manager-bo(19621)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19621"
},
{
"name": "20050307 CIRT.DK Advisory - SafeNet Inc Sentinel License Manager 7.2.0.2 Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111022094326772\u0026w=2"
},
{
"name": "VU#108790",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/108790"
},
{
"name": "http://www.cirt.dk/advisories/cirt-30-advisory.pdf",
"refsource": "MISC",
"url": "http://www.cirt.dk/advisories/cirt-30-advisory.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2005-0353",
"datePublished": "2005-03-08T05:00:00.000Z",
"dateReserved": "2005-02-11T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:13:54.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2225 (GCVE-0-2002-2225)
Vulnerability from nvd – Published: 2007-02-27 02:00 – Updated: 2024-09-17 01:46
- n/a

| URL | Tags |
|---|---|
| http://www.safenet-inc.com/knowledgebase/read_ite… | x_refsource_MISC |
| http://www.kb.cert.org/vuls/id/AAMN-59VTUQ | x_refsource_MISC |
| http://www.kb.cert.org/vuls/id/287771 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:10.889Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.safenet-inc.com/knowledgebase/read_item.asp?ID=375"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/AAMN-59VTUQ"
},
{
"name": "VU#287771",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/287771"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SafeNet VPN client allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly involving buffer overflows using (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-27T02:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.safenet-inc.com/knowledgebase/read_item.asp?ID=375"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kb.cert.org/vuls/id/AAMN-59VTUQ"
},
{
"name": "VU#287771",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/287771"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SafeNet VPN client allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly involving buffer overflows using (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.safenet-inc.com/knowledgebase/read_item.asp?ID=375",
"refsource": "MISC",
"url": "http://www.safenet-inc.com/knowledgebase/read_item.asp?ID=375"
},
{
"name": "http://www.kb.cert.org/vuls/id/AAMN-59VTUQ",
"refsource": "MISC",
"url": "http://www.kb.cert.org/vuls/id/AAMN-59VTUQ"
},
{
"name": "VU#287771",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/287771"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2225",
"datePublished": "2007-02-27T02:00:00.000Z",
"dateReserved": "2007-02-26T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:46:41.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0760 (GCVE-0-2008-0760)
Vulnerability from cvelistv5 – Published: 2008-02-13 20:00 – Updated: 2024-08-07 07:54
- n/a

| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/27735 | vdb-entry, x_refsource_BID |
| http://www.securityfocus.com/archive/1/487954/100… | mailing-list, x_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/3646 | third-party-advisory, x_refsource_SREASON |
| http://aluigi.altervista.org/adv/sentinella-adv.txt | x_refsource_MISC |
| http://secunia.com/advisories/28863 | third-party-advisory, x_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2008/0499 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:54:23.249Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27735",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27735"
},
{
"name": "20080211 Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/487954/100/0/threaded"
},
{
"name": "3646",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3646"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://aluigi.altervista.org/adv/sentinella-adv.txt"
},
{
"name": "28863",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28863"
},
{
"name": "ADV-2008-0499",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0499"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27735",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27735"
},
{
"name": "20080211 Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/487954/100/0/threaded"
},
{
"name": "3646",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3646"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://aluigi.altervista.org/adv/sentinella-adv.txt"
},
{
"name": "28863",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28863"
},
{
"name": "ADV-2008-0499",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0499"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0760",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.4.1.0 and earlier, and Sentinel Keys Server 1.0.4.0 and earlier, allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the URI. NOTE: this issue reportedly exists because of an incomplete fix for CVE-2007-6483."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27735",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27735"
},
{
"name": "20080211 Directory traversal in SafeNet Sentinel Protection and Key Server 7.4.1.0",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/487954/100/0/threaded"
},
{
"name": "3646",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3646"
},
{
"name": "http://aluigi.altervista.org/adv/sentinella-adv.txt",
"refsource": "MISC",
"url": "http://aluigi.altervista.org/adv/sentinella-adv.txt"
},
{
"name": "28863",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28863"
},
{
"name": "ADV-2008-0499",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0499"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0760",
"datePublished": "2008-02-13T20:00:00.000Z",
"dateReserved": "2008-02-13T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:54:23.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-0573 (GCVE-0-2008-0573)
Vulnerability from cvelistv5 – Published: 2008-02-05 01:00 – Updated: 2024-08-07 07:46
- n/a

| URL | Tags |
|---|---|
| https://www.exploit-db.com/exploits/5004 | exploit, x_refsource_EXPLOIT-DB |
| http://www.vupen.com/english/advisories/2008/0333 | vdb-entry, x_refsource_VUPEN |
| http://secunia.com/advisories/28701 | third-party-advisory, x_refsource_SECUNIA |
| http://www.securityfocus.com/bid/27496 | vdb-entry, x_refsource_BID |
| http://www.securitytracker.com/id?1019282 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:46:55.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "5004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/5004"
},
{
"name": "ADV-2008-0333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0333"
},
{
"name": "28701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28701"
},
{
"name": "27496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27496"
},
{
"name": "1019282",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019282"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRV_IOCTL IOCTL request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "5004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/5004"
},
{
"name": "ADV-2008-0333",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0333"
},
{
"name": "28701",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28701"
},
{
"name": "27496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27496"
},
{
"name": "1019282",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019282"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-0573",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPSecDrv.sys 10.4.0.12 in SafeNET HighAssurance Remote and SoftRemote allows local users to gain privileges via a crafted IPSECDRV_IOCTL IOCTL request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "5004",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/5004"
},
{
"name": "ADV-2008-0333",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0333"
},
{
"name": "28701",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28701"
},
{
"name": "27496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27496"
},
{
"name": "1019282",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019282"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-0573",
"datePublished": "2008-02-05T01:00:00.000Z",
"dateReserved": "2008-02-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T07:46:55.119Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6483 (GCVE-0-2007-6483)
Vulnerability from cvelistv5 – Published: 2007-12-20 20:00 – Updated: 2024-08-07 16:11
- n/a

| URL | Tags |
|---|---|
| https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01 | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry, x_refsource_XF |
| http://www.securityfocus.com/archive/1/484224/100… | mailing-list, x_refsource_BUGTRAQ |
| http://safenet-inc.com/support/files/SPI740Securi… | x_refsource_CONFIRM |
| http://securityreason.com/securityalert/3471 | third-party-advisory, x_refsource_SREASON |
| http://www.securityfocus.com/bid/26583 | vdb-entry, x_refsource_BID |
| http://secunia.com/advisories/27811 | third-party-advisory, x_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2007/4011 | vdb-entry, x_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/484201/100… | mailing-list, x_refsource_BUGTRAQ |
| http://www.securitytracker.com/id?1018992 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:11:06.015Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01"
},
{
"name": "sentinel-protection-directory-traversal(38636)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38636"
},
{
"name": "20071126 Directory Traversal in SafeNet Sentinel Protection Server and Keys Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/484224/100/200/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip"
},
{
"name": "3471",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3471"
},
{
"name": "26583",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26583"
},
{
"name": "27811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27811"
},
{
"name": "ADV-2007-4011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4011"
},
{
"name": "20071126 2007-06 Sentinel Protection Server Directory Traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/484201/100/200/threaded"
},
{
"name": "1018992",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018992"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-11-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01"
},
{
"name": "sentinel-protection-directory-traversal(38636)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38636"
},
{
"name": "20071126 Directory Traversal in SafeNet Sentinel Protection Server and Keys Server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/484224/100/200/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip"
},
{
"name": "3471",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3471"
},
{
"name": "26583",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26583"
},
{
"name": "27811",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27811"
},
{
"name": "ADV-2007-4011",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4011"
},
{
"name": "20071126 2007-06 Sentinel Protection Server Directory Traversal",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/484201/100/200/threaded"
},
{
"name": "1018992",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018992"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6483",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in SafeNet Sentinel Protection Server 7.0.0 through 7.4.0 and possibly earlier versions, and Sentinel Keys Server 1.0.3 and possibly earlier versions, allows remote attackers to read arbitrary files via a .. (dot dot) in the query string."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01",
"refsource": "MISC",
"url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-272-01"
},
{
"name": "sentinel-protection-directory-traversal(38636)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38636"
},
{
"name": "20071126 Directory Traversal in SafeNet Sentinel Protection Server and Keys Server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484224/100/200/threaded"
},
{
"name": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip",
"refsource": "CONFIRM",
"url": "http://safenet-inc.com/support/files/SPI740SecurityPatch.zip"
},
{
"name": "3471",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3471"
},
{
"name": "26583",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26583"
},
{
"name": "27811",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27811"
},
{
"name": "ADV-2007-4011",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4011"
},
{
"name": "20071126 2007-06 Sentinel Protection Server Directory Traversal",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484201/100/200/threaded"
},
{
"name": "1018992",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018992"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6483",
"datePublished": "2007-12-20T20:00:00.000Z",
"dateReserved": "2007-12-20T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:11:06.015Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3157 (GCVE-0-2007-3157)
Vulnerability from cvelistv5 – Published: 2007-06-11 22:00 – Updated: 2024-08-07 14:05
- n/a

| URL | Tags |
|---|---|
| http://www.digit-labs.org/files/exploits/safenet-dos.c | x_refsource_MISC |
| http://osvdb.org/37137 | vdb-entry, x_refsource_OSVDB |
| http://lists.grok.org.uk/pipermail/full-disclosur… | mailing-list, x_refsource_FULLDISC |
| http://secunia.com/advisories/25574 | third-party-advisory, x_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry, x_refsource_XF |
| http://securityreason.com/securityalert/2803 | third-party-advisory, x_refsource_SREASON |
| http://www.securityfocus.com/bid/24385 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:05:29.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.digit-labs.org/files/exploits/safenet-dos.c"
},
{
"name": "37137",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37137"
},
{
"name": "20070608 SafeNET High Assurance Remote/SoftRemote (IPSecDrv.sys) remote DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063859.html"
},
{
"name": "25574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25574"
},
{
"name": "safenet-ipsecdrv-dos(34775)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34775"
},
{
"name": "2803",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2803"
},
{
"name": "24385",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24385"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-06-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.digit-labs.org/files/exploits/safenet-dos.c"
},
{
"name": "37137",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37137"
},
{
"name": "20070608 SafeNET High Assurance Remote/SoftRemote (IPSecDrv.sys) remote DoS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063859.html"
},
{
"name": "25574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25574"
},
{
"name": "safenet-ipsecdrv-dos(34775)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34775"
},
{
"name": "2803",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2803"
},
{
"name": "24385",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24385"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3157",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.digit-labs.org/files/exploits/safenet-dos.c",
"refsource": "MISC",
"url": "http://www.digit-labs.org/files/exploits/safenet-dos.c"
},
{
"name": "37137",
"refsource": "OSVDB",
"url": "http://osvdb.org/37137"
},
{
"name": "20070608 SafeNET High Assurance Remote/SoftRemote (IPSecDrv.sys) remote DoS",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063859.html"
},
{
"name": "25574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25574"
},
{
"name": "safenet-ipsecdrv-dos(34775)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34775"
},
{
"name": "2803",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2803"
},
{
"name": "24385",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24385"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3157",
"datePublished": "2007-06-11T22:00:00.000Z",
"dateReserved": "2007-06-11T00:00:00.000Z",
"dateUpdated": "2024-08-07T14:05:29.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2225 (GCVE-0-2002-2225)
Vulnerability from cvelistv5 – Published: 2007-02-27 02:00 – Updated: 2024-09-17 01:46
- n/a

| URL | Tags |
|---|---|
| http://www.safenet-inc.com/knowledgebase/read_ite… | x_refsource_MISC |
| http://www.kb.cert.org/vuls/id/AAMN-59VTUQ | x_refsource_MISC |
| http://www.kb.cert.org/vuls/id/287771 | third-party-advisory, x_refsource_CERT-VN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:59:10.889Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.safenet-inc.com/knowledgebase/read_item.asp?ID=375"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/AAMN-59VTUQ"
},
{
"name": "VU#287771",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/287771"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SafeNet VPN client allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly involving buffer overflows using (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2007-02-27T02:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.safenet-inc.com/knowledgebase/read_item.asp?ID=375"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.kb.cert.org/vuls/id/AAMN-59VTUQ"
},
{
"name": "VU#287771",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/287771"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2225",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SafeNet VPN client allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly involving buffer overflows using (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.safenet-inc.com/knowledgebase/read_item.asp?ID=375",
"refsource": "MISC",
"url": "http://www.safenet-inc.com/knowledgebase/read_item.asp?ID=375"
},
{
"name": "http://www.kb.cert.org/vuls/id/AAMN-59VTUQ",
"refsource": "MISC",
"url": "http://www.kb.cert.org/vuls/id/AAMN-59VTUQ"
},
{
"name": "VU#287771",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/287771"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2225",
"datePublished": "2007-02-27T02:00:00.000Z",
"dateReserved": "2007-02-26T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:46:41.648Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0353 (GCVE-0-2005-0353)
Vulnerability from cvelistv5 – Published: 2005-03-08 05:00 – Updated: 2024-08-07 21:13
- n/a

| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/12742 | vdb-entry, x_refsource_BID |
| http://marc.info/?l=full-disclosure&m=11107287281… | mailing-list, x_refsource_FULLDISC |
| http://secunia.com/advisories/14511 | third-party-advisory, x_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry, x_refsource_XF |
| http://marc.info/?l=bugtraq&m=111022094326772&w=2 | mailing-list, x_refsource_BUGTRAQ |
| http://www.kb.cert.org/vuls/id/108790 | third-party-advisory, x_refsource_CERT-VN |
| http://www.cirt.dk/advisories/cirt-30-advisory.pdf | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:54.112Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "12742",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/12742"
},
{
"name": "20050313 [HAT-SQUAD] SafeNet Sentinel LM, UDP License Manager Exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=111072872816405\u0026w=2"
},
{
"name": "14511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/14511"
},
{
"name": "sentinel-license-manager-bo(19621)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19621"
},
{
"name": "20050307 CIRT.DK Advisory - SafeNet Inc Sentinel License Manager 7.2.0.2 Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111022094326772\u0026w=2"
},
{
"name": "VU#108790",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/108790"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cirt.dk/advisories/cirt-30-advisory.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-03-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "12742",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/12742"
},
{
"name": "20050313 [HAT-SQUAD] SafeNet Sentinel LM, UDP License Manager Exploit",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=111072872816405\u0026w=2"
},
{
"name": "14511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/14511"
},
{
"name": "sentinel-license-manager-bo(19621)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19621"
},
{
"name": "20050307 CIRT.DK Advisory - SafeNet Inc Sentinel License Manager 7.2.0.2 Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=111022094326772\u0026w=2"
},
{
"name": "VU#108790",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/108790"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cirt.dk/advisories/cirt-30-advisory.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2005-0353",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "12742",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/12742"
},
{
"name": "20050313 [HAT-SQUAD] SafeNet Sentinel LM, UDP License Manager Exploit",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=111072872816405\u0026w=2"
},
{
"name": "14511",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/14511"
},
{
"name": "sentinel-license-manager-bo(19621)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19621"
},
{
"name": "20050307 CIRT.DK Advisory - SafeNet Inc Sentinel License Manager 7.2.0.2 Buffer Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=111022094326772\u0026w=2"
},
{
"name": "VU#108790",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/108790"
},
{
"name": "http://www.cirt.dk/advisories/cirt-30-advisory.pdf",
"refsource": "MISC",
"url": "http://www.cirt.dk/advisories/cirt-30-advisory.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2005-0353",
"datePublished": "2005-03-08T05:00:00.000Z",
"dateReserved": "2005-02-11T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:13:54.112Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-0346 (GCVE-0-2005-0346)
Vulnerability from cvelistv5 – Published: 2005-02-10 05:00 – Updated: 2024-08-07 21:13
- n/a

| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry, x_refsource_XF |
| http://marc.info/?l=bugtraq&m=110791865522076&w=2 | mailing-list, x_refsource_BUGTRAQ |
| http://securitytracker.com/id?1013134 | vdb-entry, x_refsource_SECTRACK |
| http://www.nta-monitor.com/news/vpn-flaws/safenet… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T21:13:53.415Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "softremote-vpn-password-disclosure(19256)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19256"
},
{
"name": "20050208 SafeNet SoftRemote VPN Client Issue: Clear-text password",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110791865522076\u0026w=2"
},
{
"name": "1013134",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1013134"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/safenet/index.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-02-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "softremote-vpn-password-disclosure(19256)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19256"
},
{
"name": "20050208 SafeNet SoftRemote VPN Client Issue: Clear-text password",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=110791865522076\u0026w=2"
},
{
"name": "1013134",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1013134"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nta-monitor.com/news/vpn-flaws/safenet/index.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-0346",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SafeNet SoftRemote VPN Client stores the VPN password (pre-shared key) in cleartext in memory of the IreIKE.exe process, which allows local users to gain sensitive information if they have access to that process."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "softremote-vpn-password-disclosure(19256)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19256"
},
{
"name": "20050208 SafeNet SoftRemote VPN Client Issue: Clear-text password",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=110791865522076\u0026w=2"
},
{
"name": "1013134",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1013134"
},
{
"name": "http://www.nta-monitor.com/news/vpn-flaws/safenet/index.htm",
"refsource": "MISC",
"url": "http://www.nta-monitor.com/news/vpn-flaws/safenet/index.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-0346",
"datePublished": "2005-02-10T05:00:00.000Z",
"dateReserved": "2005-02-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T21:13:53.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}