Portwise SSL VPN version 4.6 suffers from a cross site scripting vulnerability.
d9b96b55dfa2056ae70f1178f252fe1ab57454ee9e6be79fb320310542a95c6aThis Metasploit module exploits a logic flaw due to how the lpApplicationName parameter is handled. When the lpApplicationName contains a space, the file name is ambiguous. Take this file path as example: C:\program files\hello.exe; The Windows API will try to interpret this as two possible paths: C:\program.exe, and C:\program files\hello.exe, and then execute all of them. To some software developers, this is an unexpected behavior, which becomes a security problem if an attacker is able to place a malicious executable in one of these unexpected paths, sometimes escalate privileges if run as SYSTEM. Some softwares such as OpenVPN 2.1.1, or OpenSSH Server 5, etc... all have the same problem.
13ee2928c651d3a5639e180e5f2cafa4d077977aeeeb2da9a34de919ec969a8eEntropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.
e505291a3ada9f1ba3928113fa70f9f79bfc771b2fe8e20560d612d5c64beb5bViscosity OpenVPN client for Mac OS X suffers from a local root command execution vulnerability due to a suid binary executing site.py.
bbed2f8bef6e98f9f906db21866f9556901fd2af1233ad2af5fa7f69e3f8af21Pwnnel-Blicker is a second local root exploit for Tunnel Blick OS X OpenVPN manager.
469187a05e24af6ff54301dc1ce224c0d812f436efa24c7f9245c5385e416fb9Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.
76ca25d4f7c84938b67595662b7b2a2ccc1f026c5fd38878da67d399c829206cThe Barracuda SSL VPN 680 suffers from a cross site scripting vulnerability.
c641f9ef4a8a30e7fdaac2382361b13880f98192355001d16a27c808e5239125Entropy Broker is an infrastructure for distributing cryptographically secure random numbers (entropy data) from one or more servers to one or more clients. Entropy Broker allows you to distribute entropy data (random values) to /dev/random devices from other systems (real servers or virtualised systems). It helps preventing that the /dev/random device gets depleted; an empty /dev/random-device can cause programs to hang (waiting for entropy data to become available). This is useful for systems that need to generate encryption keys, run VPN software or run a casino website.
1256b9eabb591bfe6735cfcd5b31fafece6cca0028f6df1894bd805070ba6d45Secunia Security Advisory - A vulnerability has been reported in Barracuda SSL VPN, which can be exploited by malicious people to conduct cross-site scripting attacks.
c433fcb75a0a4580b4ea56dc243bcc0e080628b29c0ce9fc29a21d4b5ce57d2dstrongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
1a7ed98015df32e7412caf37391105af25a9dc66a0e357a1c92ccd5a9f180298tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
509ebb063399d436e9df0a6ccb03ca1c1190a948662ddeef60bb803684ec76a0OpenNHRP implements the NBMA Next Hop Resolution Protocol (as defined in RFC 2332). It makes it possible to create a dynamic multipoint VPN Linux router using NHRP, GRE, and IPsec. It aims to be Cisco DMVPN compatible.
118d79062dddb1318eb706054168ad17a030afe1e9ebb59f9dc7c7a7a03bc308Secunia Security Advisory - Two vulnerabilities have been reported in Cisco AnyConnect VPN Client, which can be exploited by malicious people to compromise a user's system.
820a95f8c9eb5bd946d54eee1052b23b67e15c7f5466e8ddfd2b11bf1d39bfd6Debian Linux Security Advisory 2495-1 - A buffer overflow was discovered in OpenConnect, a client for the Cisco AnyConnect VPN, which could result in denial of service.
442b6bf476818c5707cbcf2328190e8b4cc3499ff967a3ec60ad5c4de6262e62A vulnerability in Checkpoint Endpoint Connect VPN causes the client to be susceptible to an attack that result in arbitrary dynamic-library loading. A user with local disk access can carefully construct a DLL that suits a pattern that is being traversed by the client and implement it somewhere along the search path and the client will load it seamlessly.
4d25fbd959e5ee60f126bb396b30dab8ef0c294cb5f29ded00cd0c25b3d9e6f6Debian Linux Security Advisory 2483-1 - An authentication bypass issue was discovered by the Codenomicon CROSS project in strongSwan, an IPsec-based VPN solution. When using RSA-based setups, a missing check in the gmp plugin could allow an attacker presenting a forged signature to successfully authenticate against a strongSwan responder.
7609f91a664792688a1457f9e5c23da2922dfbaaf34996f4ab7c713b94406d26strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
62dd46bdfa66e997cd07479c448ce5a5cb3748cb495d58074a7a737dbbe93fc4Cisco Security Advisory - Cisco IOS Software and Cisco IOS XE Software contain a vulnerability in the RSVP feature when used on a device configured with VPN routing and forwarding (VRF) instances. This vulnerability could allow an unauthenticated, remote attacker to cause an interface wedge, which can lead to loss of connectivity, loss of routing protocol adjacency, and other denial of service (DoS) conditions. This vulnerability could be exploited repeatedly to cause an extended DoS condition. A workaround is available to mitigate this vulnerability. Cisco has released free software updates that address this vulnerability.
66b4808802d79e777b367723e8a72933aa4a79f44a9c183f78f6c8dee313e4cdF5 FirePass SSL VPN versions 6.0.0 through 6.1.0 and 7.0.0 suffers from a remote SQL injection vulnerability that allows for remote root access.
17285d0e33742a99873151808caad6a558a6294c4e724dc671bd743f0057ab6dtinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
d4ed38a65ae46ee8ca7daaa282acc634ba8d50e5795cb51645097bbae9b843a9Cisco Security Advisory - The Cisco Clientless VPN solution as deployed by Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA) uses an ActiveX control on client systems to perform port forwarding operations. Microsoft Windows-based systems that are running Internet Explorer or another browser that supports Microsoft ActiveX technology may be affected if the system has ever connected to a device that is running the Cisco Clientless VPN solution. A remote, unauthenticated attacker who could convince a user to connect to a malicious web page could exploit this issue to execute arbitrary code on the affected machine with the privileges of the web browser. The affected ActiveX control is distributed to endpoint systems by Cisco ASA. However, the impact of successful exploitation of this vulnerability is to the endpoint system only and does not compromise Cisco ASA devices. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
d5eb4f15929e22adebee6cabc4901b0a19fd375282c7f4226edd361bb721237fCheckpoint Firewall VPN1 suffers from a remote information disclosure vulnerability.
23ce565b644ac90f408b650bb9e2fce1833dc96007bb898eba2a5b175e6b9423tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
016e3162b6a79730526b8eb464d89d2c5e1139b4f2923e7c87e96662ebcc4745Secunia Security Advisory - Stonesoft has acknowledged a vulnerability in StoneGate Firewall/VPN, which can be exploited by malicious people to cause a DoS (Denial of Service).
74fdbdbd1c5d984c25ffc49e6c673af01560728fe712caa26dc68838fab5b6a9strongSwan is a complete IPsec implementation for the Linux, Android, Maemo, FreeBSD, and Mac OS X operating systems. It interoperates with with most other IPsec-based VPN products via the IKEv2 or IKEv1 key exchange protocols. The focus of the strongSwan project is on strong authentication mechanisms using X.509 public key certificates and optional secure storage of private keys on smartcards through a standardized PKCS#11 interface. A rich choice of modular plugins adds additional features like Trusted Network Connect or advanced cryptographical algorithms.
8ab2371ba0c70cd010f0736839a0737dec95b197325b98505c1c69dd55e6964fBarracuda SSL VPN 480 suffers from multiple input validation vulnerabilities that allow for malicious script insertion and cross site scripting attacks.
781480d69d0f3896054853e3cb90977fae66d99e7c72a36d68367184e2090e36
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed