header-logo
Suggest Exploit
vendor:
VPN-1 SecureClient
by:
SecurityFocus
7.5
CVSS
HIGH
Local Memory Disclosure
200
CWE
Product Name: VPN-1 SecureClient
Affected Version From: VPN-1 SecureClient NG FP1
Affected Version To: Other versions may be affected
Patch Exists: Yes
Related CWE: N/A
CPE: 192.00000000000168.00115.047
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

VPN-1 SecureClient Local Memory Disclosure Vulnerability

VPN-1 SecureClient is reported prone to a vulnerability that may allow local attackers to disclose sensitive memory. This can lead to various other attacks against a vulnerable computer. The vulnerability exists in the 'SR_Service.exe', which manages VPN connections. A successful attack may allow the attacker to disclose memory and cause the application to crash. Reportedly, this issue can be leveraged to ultimately execute arbitrary code, however, this has not been confirmed.

Mitigation:

Users should upgrade to the latest version of VPN-1 SecureClient.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/12571/info

VPN-1 SecureClient is reported prone to a vulnerability that may allow local attackers to disclose sensitive memory. This can lead to various other attacks against a vulnerable computer. The vulnerability exists in the 'SR_Service.exe', which manages VPN connections.

A successful attack may allow the attacker to disclose memory and cause the application to crash. Reportedly, this issue can be leveraged to ultimately execute arbitrary code, however, this has not been confirmed.

VPN-1 SecureClient NG FP1 is reported prone to this vulnerability. It is possible that other versions are affected as well. 

'192.00000000000168.00115.047'

Navigation

Suggest Exploit

Services By CQR