PT-2007-4440 · Safenet · Safenet High Assurance Remote

Published

2007-06-11

Updated

2017-07-29

CVE-2007-3157

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: SafeNET High Assurance Remote version 1.4.0 Build 12

Description: The issue allows remote attackers to cause a denial of service, resulting in an infinite loop and system hang, via an invalid packet with certain bytes in an option header. This could be related to the IPv6 support for IPSec.

Recommendations: For SafeNET High Assurance Remote version 1.4.0 Build 12, consider restricting access to the IPSecDrv.sys driver until a patch is available. As a temporary workaround, avoid using the IPv6 support for IPSec to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-3157

Affected Products

Safenet High Assurance Remote

PT-2007-4440 · Safenet · Safenet High Assurance Remote

CVE-2007-3157

Related Identifiers

Affected Products

References · 9