← back
CVE-2007-6273

CVE-2007-6273

EPSS 6.2%
Multiple format string vulnerabilities in the configuration file in SonicWALL GLobal VPN Client 3.1.556 and 4.0.0.810 allow user-assisted remote attackers to execute arbitrary code via format string specifiers in the (1) Hostname tag or the (2) name attribute in the Connection tag. NOTE: there might not be any realistic circumstances in which this issue crosses privilege boundaries.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/30840unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://marc.info/?l=bugtraq&m=119678272603064&w=2http://secunia.com/advisories/27917http://www.sec-consult.com/305.htmlhttp://www.securityfocus.com/bid/26689http://www.securitytracker.com/id?1019038http://www.vupen.com/english/advisories/2007/4094