CVE-2009-3861
published 2009-11-04CVE-2009-3861: Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to…
PriorityP335medium6.9CVSS 2.0
AVLACMAuNCCICAC
EXPLOIT
EPSS
3.73%
88.4th percentile
Stack-based buffer overflow in SafeNet SoftRemote 10.8.5 (Build 2) and 10.3.5 (Build 6), and possibly other versions before 10.8.9, allows local users to execute arbitrary code via a long string in a (1) TREENAME or (2) GROUPNAME Policy file (spd).
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| safenet-inc | softremote | <= 10.8.8 | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
| safenet-inc | softremote | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
SafeNet SoftRemote - GROUPNAME Buffer Overflow (Metasploit)
exploitdb·2010-11-11
CVE-2009-3861 SafeNet SoftRemote - GROUPNAME Buffer Overflow (Metasploit)
SafeNet SoftRemote - GROUPNAME Buffer Overflow (Metasploit)
---
##
# $Id: safenet_softremote_groupname.rb 10998 2010-11-11 22:43:22Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'SafeNet SoftRemote GROUPNAME Buffer Overflow',
'Description' => %q{
This module exploits a stack buffer overflow in SafeNet SoftRemote
Security Policy Editor MSF_LICENSE,
'Author' => [ 'MC' ],
'Version' => '$Revision: 10998 $',
'References' =>
[
[ 'CVE', '2009-3861' ],
[ 'OSVDB', '59660'],
[ 'URL', 'http://www.senseofsecurity.com.au/advisories/SOS-09-008'
Metasploit
SafeNet SoftRemote GROUPNAME Buffer Overflow
metasploit
SafeNet SoftRemote GROUPNAME Buffer Overflow
SafeNet SoftRemote GROUPNAME Buffer Overflow
This module exploits a stack buffer overflow in SafeNet SoftRemote Security Policy Editor <= 10.8.5. When an attacker creates a specially formatted security policy with an overly long GROUPNAME argument, it is possible to execute arbitrary code.
No writeups or analysis indexed.
http://www.securityfocus.com/archive/1/507593/100/0/threadedhttp://www.securitytracker.com/id?1023117http://www.senseofsecurity.com.au/advisories/SOS-09-008http://www.vupen.com/english/advisories/2009/3108http://www.securityfocus.com/archive/1/507593/100/0/threadedhttp://www.securitytracker.com/id?1023117http://www.senseofsecurity.com.au/advisories/SOS-09-008http://www.vupen.com/english/advisories/2009/3108
2009-11-04
Published