OSVDB ID: 13701

Title: SafeNet SoftRemote VPN Client IreIKE.exe Cleartext Password Local Disclosure

Info

Disclosure

Feb 08, 2005

Discovery

Unknown

Dates

Exploit

Feb 08, 2005

Solution

Unknown

Description

SafeNet SoftRemote VPN Client contains a flaw that may lead to an unauthorized information disclosure. The issue is due to the IreIKE.exe process decrypting VPN (pre-shared keys) passwords upon startup and storing them as plaintext in memory. This allows for disclosure of the local users' VPN password information resulting in a loss of confidentiality.

Classification

Location: Local Access Required
Attack Type: Cryptographic, Information Disclosure
Impact: Loss of Confidentiality
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Upgrade to version 10.3.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

SafeNet	SoftRemote VPN Client	10.2.x
		10.1.x
		10.0.x
		9.x
		8.x
		7.x
		6.x
		5.x
		4.x
		3.x
		10.3.0
		10.3.1
		10.3.2
		10.3.3
		10.3.4
		10.3.5

References

Security Tracker: 1013134
ISS X-Force ID: 19256
CVE ID: 2005-0346 (see also: NVD)
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-02/0041.html
Other Advisory URL: http://www.nta-monitor.com/news/vpn-flaws/safenet/index.htm
Vendor URL: http://www.safenet-inc.com/products/vpn/softRemote.asp

Credit

NTA Monitor Ltd. - NTA Monitor Ltd.

Direct URL: http://osvdb.org/36218