Drake C

Name of the Vulnerable Software and Affected Versions: SoftEther VPN version 5.02.5187 Description: The issue is related to a Buffer Overflow in the Command.c file, specifically via the `PtMakeCert` and `PtMakeCert2048` functions. Recommendations: For SoftEther VPN version 5.02.5187, consider disabling the `PtMakeCert` and `PtMakeCert2048` functions as a temporary workaround until a patch is available. Restrict access to the Command.c file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** SoftEtherVPN version 5.02.5187 **Description** A memory leak issue exists in SoftEtherVPN 5.02.5187. This allows an attacker to potentially cause a denial of service by exploiting the `UnixMemoryAlloc` function. The supplier disputes the severity, stating the behavior is limited to a single allocation of a few hundred bytes with a command-line tool. **Recommendations** SoftEtherVPN version 5.02.5187: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: SoftEther VPN version 5.02.5187 Description: The issue is related to a Buffer Overflow in the Internat.c file via the UniToStrForSingleChars function. Recommendations: For SoftEther VPN version 5.02.5187, consider disabling the UniToStrForSingleChars function as a temporary workaround until a patch is available. Restrict access to the Internat.c module to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: SoftEtherVPN version 5.02.5187 Description: The issue is related to a Use after Free condition in the Command.c file, specifically via the CheckNetworkAcceptThread function. Recommendations: For SoftEtherVPN version 5.02.5187, at the moment, there is no information about a newer version that contains a fix for this vulnerability.