iPass Open Mobile Remote Code Execution Vulnerability - Windows

iPass Open Mobile is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Ipass Open Mobile Detection (Windows SMB Login)

Detects the installed version of Ipass Open Mobile. The script logs in via smb, searches for string SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

CVE-2015-0925

The client in iPass Open Mobile before 2.4.5 on Windows allows remote authenticated users to execute arbitrary code via a DLL pathname in a crafted Unicode string that is improperly handled by a subprocess reached through a named pipe, as demonstrated by a UNC share pathname...

Design/Logic Flaw

The client in iPass Open Mobile before 2.4.5 on Windows allows remote authenticated users to execute arbitrary code via a DLL pathname in a crafted Unicode string that is improperly handled by a subprocess reached through a named pipe, as demonstrated by a UNC share pathname...

CVE-2015-0925

The client in iPass Open Mobile before 2.4.5 on Windows allows remote authenticated users to execute arbitrary code via a DLL pathname in a crafted Unicode string that is improperly handled by a subprocess reached through a named pipe, as demonstrated by a UNC share pathname...

CVE-2015-0925

CVE-2015-0925 affects iPass Open Mobile on Windows prior to 2.4.5. The issue allows remote authenticated users to execute arbitrary code by abusing a DLL pathname supplied as part of a crafted Unicode string that a subprocess reachable via a named pipe handles, demonstrated via a UNC share pathna...

iPass Open Mobile Windows Client contains a remote code execution vulnerability

Overview The iPass Open Mobile Windows Client versions 2.4.4 and earlier contains a remote code execution vulnerability. Description CWE-94: Improper Control of Generation of Code 'Code Injection' The iPass Open Mobile Windows Client versions 2.4.4 and earlier utilizes named pipes for interproces...