Vulnerability Details : CVE-2009-3861
Public exploit exists!
Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to execute arbitrary code via a long string in a (1) TREENAME or (2) GROUPNAME Policy file (spd).
Vulnerability category: OverflowExecute code
Products affected by CVE-2009-3861
- cpe:2.3:a:safenet-inc:softremote:*:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:10.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:10.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:10.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:10.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:1.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:1.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:1.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:1.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:10.7.7:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:10.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:10.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:10.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:10.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:safenet-inc:softremote:10.8.7:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-3861
88.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2009-3861
-
SafeNet SoftRemote GROUPNAME Buffer Overflow
Disclosure Date: 2009-10-30First seen: 2020-04-26exploit/windows/fileformat/safenet_softremote_groupnameThis module exploits a stack buffer overflow in SafeNet SoftRemote Security Policy Editor <= 10.8.5. When an attacker creates a specially formatted security policy with an overly long GROUPNAME argument, it is possible to execute arbitrary code. Author
CVSS scores for CVE-2009-3861
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
CWE ids for CVE-2009-3861
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-3861
-
http://www.securityfocus.com/archive/1/507593/100/0/threaded
-
http://www.vupen.com/english/advisories/2009/3108
Vendor Advisory
-
http://www.senseofsecurity.com.au/advisories/SOS-09-008
Security Advisory - SafeNet SoftRemote Local Buffer Overflow VulnerabilityVendor Advisory
-
http://www.securitytracker.com/id?1023117
Jump to