Summary
This host has TheGreenBow IPSec VPN Client installed and is prone to Stack Overflow vulnerability.
Impact
Successful exploitation allows the attacker to execute arbitrary code on the system or compromise a system.
Impact Level:System/Application
Solution
Apply patch from below link,
http://www.thegreenbow.com/download.php?id=1000150
*****
NOTE: Ignore this warning, if above mentioned patch is manually applied.
*****
Insight
The flaw is due to a boundary error when processing certain sections of 'tgb' (policy) files. Passing an overly long string to 'OpenScriptAfterUp' will trigger the overflow.
Affected
TheGreenBow IPSec VPN Client version 4.65.003 and prior.
References
Severity
Classification
-
CVE CVE-2010-0392 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities