Vulnerability CVE-2007-3157


Published: 2007-06-11   Modified: 2012-02-12

Description:
IPSecDrv.sys 10.4.0.12 in SafeNET High Assurance Remote 1.4.0 Build 12, and SoftRemote, allows remote attackers to cause a denial of service (infinite loop and system hang) via an invalid packet with certain bytes in an option header, possibly related to the IPv6 support for IPSec.

See advisories in our WLB2 database:
Topic
Author
Date
Low
SafeNET High Assurance Remote/SoftRemote (IPSecDrv.sys) remote DoS
mu-b
17.06.2007

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
Safenet -> Safenet highassurance remote 
Safenet -> Softremote vpn client 

 References:
http://xforce.iss.net/xforce/xfdb/34775
http://www.securityfocus.com/bid/24385
http://www.digit-labs.org/files/exploits/safenet-dos.c
http://osvdb.org/37137
http://lists.grok.org.uk/pipermail/full-disclosure/2007-June/063859.html
http://securityreason.com/securityalert/2803
http://secunia.com/advisories/25574

Copyright 2020, cxsecurity.com

 

Back to Top