Comments on: Network Security 2.0 http://lippisreport.com/2007/09/network-security-20/ Resources for Network / IT Business Decision Makers Tue, 22 May 2012 00:38:58 +0000 hourly 1 http://wordpress.org/?v=3.0 By: Nick Lippis http://lippisreport.com/2007/09/network-security-20/comment-page-1/#comment-44569 Nick Lippis Fri, 07 Dec 2007 13:21:57 +0000 http://lippisreport.com/2007/09/24/network-security-20/#comment-44569 Thank you Kishu, this is a well known vulnerability that was addressed years ago. Why do you mention it here? Thank you Kishu, this is a well known vulnerability that was addressed years ago. Why do you mention it here?

]]> By: Kishu Balani http://lippisreport.com/2007/09/network-security-20/comment-page-1/#comment-44561 Kishu Balani Fri, 07 Dec 2007 11:17:53 +0000 http://lippisreport.com/2007/09/24/network-security-20/#comment-44561 The Netscreen-Remote VPN Client is prone to a remotely exploitable buffer overflow condition. It is possible to trigger this condition by sending malformed IKE packets to the client. The overflow is known to occur when the client attempts to process an IKE packet with several valid payloads. It may be possible to exploit this condition to execute arbitrary code with the privileges of the client. This issue is known to result in a denial of service condition in a vulnerable client. This vulnerability affects versions of the client on all platforms. The Netscreen-Remote VPN Client is prone to a remotely exploitable buffer overflow condition. It is possible to trigger this condition by sending malformed IKE packets to the client. The overflow is known to occur when the client attempts to process an IKE packet with several valid payloads.

It may be possible to exploit this condition to execute arbitrary code with the privileges of the client. This issue is known to result in a denial of service condition in a vulnerable client.

This vulnerability affects versions of the client on all platforms.

]]>