Check Point VPN-1 SecureClient Malformed IP Address Local Memory Access Vulnerability

2014-07-01T00:00:00
ID SSV:78774
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/12571/info

VPN-1 SecureClient is reported prone to a vulnerability that may allow local attackers to disclose sensitive memory. This can lead to various other attacks against a vulnerable computer. The vulnerability exists in the 'SR_Service.exe', which manages VPN connections.

A successful attack may allow the attacker to disclose memory and cause the application to crash. Reportedly, this issue can be leveraged to ultimately execute arbitrary code, however, this has not been confirmed.

VPN-1 SecureClient NG FP1 is reported prone to this vulnerability. It is possible that other versions are affected as well. 

'192.00000000000168.00115.047'