SafeNet SoftRemote VPN Client IreIKE.exe Cleartext Password Local Disclosure

2005-02-08T09:27:21
ID OSVDB:13701
Type osvdb
Reporter NTA Monitor Ltd.()
Modified 2005-02-08T09:27:21

Description

Vulnerability Description

SafeNet SoftRemote VPN Client contains a flaw that may lead to an unauthorized information disclosure. The issue is due to the IreIKE.exe process decrypting VPN (pre-shared keys) passwords upon startup and storing them as plaintext in memory. This allows for disclosure of the local users' VPN password information resulting in a loss of confidentiality.

Solution Description

Upgrade to version 10.3.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

SafeNet SoftRemote VPN Client contains a flaw that may lead to an unauthorized information disclosure. The issue is due to the IreIKE.exe process decrypting VPN (pre-shared keys) passwords upon startup and storing them as plaintext in memory. This allows for disclosure of the local users' VPN password information resulting in a loss of confidentiality.

Manual Testing Notes

Use PMDump to dump the process memory to a file. C:>pmdump (PID of IreIKE.exe) (file to dump memory contents to)

References:

Vendor URL: http://www.safenet-inc.com/products/vpn/softRemote.asp Security Tracker: 1013134 Other Advisory URL: http://www.nta-monitor.com/news/vpn-flaws/safenet/index.htm Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-02/0041.html ISS X-Force ID: 19256 CVE-2005-0346