RSS   Vulnerabilities for 'Vipnet coordinator'   RSS

2017-06-14
 
CVE-2017-9606

 

 
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder. The attack succeeds because of incorrect folder permissions in conjunction with a lack of integrity and authenticity checks.

 
2013-05-22
 
CVE-2013-3496

CWE-264
 

 
Infotecs ViPNet Client 3.2.10 (15632) and earlier, ViPNet Coordinator 3.2.10 (15632) and earlier, ViPNet Personal Firewall 3.1 and earlier, and ViPNet SafeDisk 4.1 (0.5643) and earlier use weak permissions (Everyone: Full Control) for a folder under %PROGRAMFILES%\Infotecs, which allows local users to gain privileges via a Trojan horse (1) executable file or (2) DLL file.

 

 >>> Vendor: Infotecs 4 Products
Vipnet client
Vipnet coordinator
Vipnet personal firewall
Vipnet safedisk


Copyright 2019, cxsecurity.com

 

Back to Top