BUGTRAQ ID: 29772
CNCAN ID:CNCAN-2008061907
Deterministic Network Extender不正确过滤用户提供的数据,可导致本地特权提升。
攻击者可以利用漏洞以SYSTEM级别权限执行任意代码。
Deterministic Network Extender 'dne2000.sys' 2.21.7.233 - 3.21.7.17464版本受此漏洞影响,'dne2000.sys'驱动与如下产品绑定使用:
- SafeNet HighAssurance Remote and SoftRemote
- Cisco VPN Client
- WinProxy
Citrix Deterministic Network Extender 2.21.7 .233
+ Blue Coat Systems WinProxy 6.1r1c
+ Blue Coat Systems WinProxy 6.0r1c
+ Blue Coat Systems WinProxy 2.1a
+ Cisco VPN Client for Windows 5.0.2 .0090
+ Cisco VPN Client for Windows 5.0.1 .0600
+ Cisco VPN Client for Windows 5.0.1
+ Cisco VPN Client for Windows 4.8.2 .0010
+ Cisco VPN Client for Windows 4.8.2
+ Cisco VPN Client for Windows 4.8.1
+ Cisco VPN Client for Windows 4.8
+ Cisco VPN Client for Windows 4.7 .0533
+ Cisco VPN Client for Windows 4.0.2 C
+ Cisco VPN Client for Windows 4.0.2 A
+ Cisco VPN Client for Windows 3.6.1
+ Cisco VPN Client for Windows 3.6 (Rel)
+ Cisco VPN Client for Windows 3.6
+ Cisco VPN Client for Windows 3.5.4
+ Cisco VPN Client for Windows 3.5.2 B
+ Cisco VPN Client for Windows 3.5.2
+ Cisco VPN Client for Windows 3.5.1 C
+ Cisco VPN Client for Windows 3.5.1
+ Cisco VPN Client for Windows 3.1
+ Cisco VPN Client for Windows 3.0.5
+ Cisco VPN Client for Windows 3.0
+ Cisco VPN Client for Windows 2.0
+ Cisco VPN Client for Windows 4.7
+ Cisco VPN Client for Windows 4.6
+ Deerfield MDaemon 0
+ SafeNet SafeNet HighAssurance Remote 1.4 .12
+ SafeNet SafeNet HighAssurance Remote 1.4
+ SafeNet SafeNet HighAssurance SafeRemote 1.4 .12
+ SafeNet SafeNet HighAssurance SoftRemote 1.4
+ SafeNet SoftRemote
+ SafeNet SoftRemoteLT
Citrix Deterministic Network Extender 2.21.7 .17464
+ Blue Coat Systems WinProxy 6.1r1c
+ Blue Coat Systems WinProxy 6.0r1c
+ Blue Coat Systems WinProxy 2.1a
+ Cisco VPN Client for Windows 5.0.2 .0090
+ Cisco VPN Client for Windows 5.0.1 .0600
+ Cisco VPN Client for Windows 5.0.1
+ Cisco VPN Client for Windows 4.8.2 .0010
+ Cisco VPN Client for Windows 4.8.2
+ Cisco VPN Client for Windows 4.8.1
+ Cisco VPN Client for Windows 4.8
+ Cisco VPN Client for Windows 4.7 .0533
+ Cisco VPN Client for Windows 4.0.2 C
+ Cisco VPN Client for Windows 4.0.2 A
+ Cisco VPN Client for Windows 3.6.1
+ Cisco VPN Client for Windows 3.6 (Rel)
+ Cisco VPN Client for Windows 3.6
+ Cisco VPN Client for Windows 3.5.4
+ Cisco VPN Client for Windows 3.5.2 B
+ Cisco VPN Client for Windows 3.5.2
+ Cisco VPN Client for Windows 3.5.1 C
+ Cisco VPN Client for Windows 3.5.1
+ Cisco VPN Client for Windows 3.1
+ Cisco VPN Client for Windows 3.0.5
+ Cisco VPN Client for Windows 3.0
+ Cisco VPN Client for Windows 2.0
+ Cisco VPN Client for Windows 4.7
+ Cisco VPN Client for Windows 4.6
+ SafeNet SafeNet HighAssurance Remote 1.4 .12
+ SafeNet SafeNet HighAssurance Remote 1.4
+ SafeNet SafeNet HighAssurance SafeRemote 1.4 .12
+ SafeNet SafeNet HighAssurance SoftRemote 1.4
+ SafeNet SoftRemote
+ SafeNet SoftRemoteLT
目前没有详细解决方案提供:
<a href=http://www.deterministicnetworks.com/Products/dne.asp target=_blank>http://www.deterministicnetworks.com/Products/dne.asp</a>
京公网安备 11010502034610号
暂无评论