Lucene search
HistoryJan 26, 2010 - 6:30 p.m.
CVE-2010-0392
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
8.1
Confidence
High
EPSS
0.293
Percentile
96.9%
Stack-based buffer overflow in vpnconf.exe in TheGreenBow IPSec VPN Client 4.51.001, 4.65.003, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via a long OpenScriptAfterUp parameter in a policy (.tgb) file, related to “phase 2.”
Affected configurations
Node
thegreenbowipsec_vpn_clientMatch4.51.001
ORthegreenbowipsec_vpn_clientMatch4.65.003
| Vendor | Product | Version | CPE |
|---|---|---|---|
| thegreenbow | ipsec_vpn_client | 4.51.001 | cpe:2.3:a:thegreenbow:ipsec_vpn_client:4.51.001:*:*:*:*:*:*:* |
| thegreenbow | ipsec_vpn_client | 4.65.003 | cpe:2.3:a:thegreenbow:ipsec_vpn_client:4.65.003:*:*:*:*:*:*:* |
Related
nessus
nessus
TheGreenBow VPN Client TGB File OpenScriptAfterUp Parameter Local Overflow
2010-06-02 00:00:00
prion
prion
Stack overflow
2010-01-26 18:30:00
cve
cve
CVE-2010-0392
2010-01-26 18:30:01
openvas
openvas
TheGreenBow IPSec VPN Client Local Stack Overflow Vulnerability
2010-01-28 00:00:00
TheGreenBow IPSec VPN Client Local Stack Overflow Vulnerability
2010-01-28 00:00:00
cvelist
cvelist
CVE-2010-0392
2010-01-26 18:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
8.1
Confidence
High
EPSS
0.293
Percentile
96.9%
Related for NVD:CVE-2010-0392