18 matches found
CVE-2019-25283
Shrew Soft VPN Client 2.2.2 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can place malicious executables in the unquoted service path to gain elevated access during service startup or system reboot...
Shrew Soft VPN Client 代码问题漏洞
Shrew Soft VPN Client is a IPsec VPN client software developed by Shrew Soft Corporation. Version 2.2.2 of Shrew Soft VPN Client contains a code vulnerability caused by an unquoted service path. This vulnerability could allow local users to execute arbitrary code and gain elevated system privileg...
CVE-2019-25283 Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path
Shrew Soft VPN Client 2.2.2 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can place malicious executables in the unquoted service path to gain elevated access during service startup or system reboot...
CVE-2019-25283 Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path
Shrew Soft VPN Client 2.2.2 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can place malicious executables in the unquoted service path to gain elevated access during service startup or system reboot...
CVE-2019-25283
Shrew Soft VPN Client 2.2.2 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can place malicious executables in the unquoted service path to gain elevated access during service startup or system reboot...
CVE-2019-25283
CVE-2019-25283 affects Shrew Soft VPN Client 2.2.2. The vulnerability is an unquoted service path that allows local attackers to execute arbitrary code with elevated privileges during service startup or system reboot. The root cause is the unquoted service path, enabling code execution if a malic...
PT-2026-5811
Name of the Vulnerable Software and Affected Versions Shrew Soft VPN Client version 2.2.2 Description The Shrew Soft VPN Client contains an unquoted service path issue that allows local users to execute arbitrary code with elevated system privileges. An attacker can place malicious executables in...
EUVD-2010-3359
Malware in sbrugna...
CVE-2010-3361
The 1 iked, 2 ikea, and 3 ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
SUSE CVE-2010-3361
The 1 iked, 2 ikea, and 3 ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path
Exploit Title: Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path Date: 2019-11-14 Exploit Author: D.Goedecke Vendor Homepage: www.shrew.net Software Link: https://www.shrew.net/download/vpn/vpn-client-2.2.2-release.exe Version: 2.2.2 Tested on: Windows 10 64bit C:\Users\userwmic service...
Shrew Soft VPN Client 2.2.2 - iked Unquoted Service Path
Shrew Soft VPN Client 2.2.2 - iked Unquoted Service Path Exploit Title: Shrew Soft VPN Client 2.2.2 - 'iked' Unquoted Service Path Date: 2019-11-14 Exploit Author: D.Goedecke Vendor Homepage: www.shrew.net Software Link: https://www.shrew.net/download/vpn/vpn-client-2.2.2-release.exe Version: 2.2...
CVE-2010-3361
The 1 iked, 2 ikea, and 3 ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
Directory traversal
The 1 iked, 2 ikea, and 3 ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
CVE-2010-3361
The 1 iked, 2 ikea, and 3 ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...
CVE-2010-3361
Removed by vendor...
CVE-2010-3361
Shrew Soft IKE 2.1.5 is affected by CVE-2010-3361 via the iked, ikea, and ikec scripts. A zero-length directory name placed in LD_LIBRARY_PATH allows a local user to gain privileges through a Trojan horse shared library in the current working directory. Exploitation details are not provided in th...
CVE-2010-3361
The 1 iked, 2 ikea, and 3 ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...