Check Point VPN-1 SecureClient Malformed IP Address Local Memory Access Vulnerability
BID:12571
Info
Check Point VPN-1 SecureClient Malformed IP Address Local Memory Access Vulnerability
| Bugtraq ID: | 12571 |
| Class: | Access Validation Error |
| CVE: | |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 16 2005 12:00AM |
| Updated: | Feb 16 2005 12:00AM |
| Credit: | Discovery is credited to Wang Ning <[email protected]>. |
| Vulnerable: |
Check Point Software SecureClient NG FP1 |
| Not Vulnerable: | |
Discussion
Check Point VPN-1 SecureClient Malformed IP Address Local Memory Access Vulnerability
VPN-1 SecureClient is reported prone to a vulnerability that may allow local attackers to disclose sensitive memory. This can lead to various other attacks against a vulnerable computer. The vulnerability exists in the 'SR_Service.exe', which manages VPN connections.
A successful attack may allow the attacker to disclose memory and cause the application to crash. Reportedly, this issue can be leveraged to ultimately execute arbitrary code, however, this has not been confirmed.
VPN-1 SecureClient NG FP1 is reported prone to this vulnerability. It is possible that other versions are affected as well.
VPN-1 SecureClient is reported prone to a vulnerability that may allow local attackers to disclose sensitive memory. This can lead to various other attacks against a vulnerable computer. The vulnerability exists in the 'SR_Service.exe', which manages VPN connections.
A successful attack may allow the attacker to disclose memory and cause the application to crash. Reportedly, this issue can be leveraged to ultimately execute arbitrary code, however, this has not been confirmed.
VPN-1 SecureClient NG FP1 is reported prone to this vulnerability. It is possible that other versions are affected as well.
Exploit / POC
Check Point VPN-1 SecureClient Malformed IP Address Local Memory Access Vulnerability
The following proof of concept is available:
'192.00000000000168.00115.047'
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
The following proof of concept is available:
'192.00000000000168.00115.047'
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Check Point VPN-1 SecureClient Malformed IP Address Local Memory Access Vulnerability
Solution:
It is reported that newer versions of the application are not vulnerable to this issue. This is not confirmed at the moment. Please contact the vendor for more information.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
It is reported that newer versions of the application are not vulnerable to this issue. This is not confirmed at the moment. Please contact the vendor for more information.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Check Point VPN-1 SecureClient Malformed IP Address Local Memory Access Vulnerability
References:
References:
- Check Point Technical Support (Check Point Software)
- VPN-1 Clients (Check Point Software)