SB2018011603 - Multiple vulnerabilities in SoftEther VPN




Published: January 16, 2018

Security Bulletin ID: SB2018011603
CSH Severity: Low
Patch available: YES
Number of vulnerabilities: 11
Exploitation vector: Remote access
Highest impact: Denial of service

Breakdown by Severity

Low 100%

Description

This security bulletin contains information about 11 vulnerabilities.


1) Buffer over-read (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to a buffer over-read in ParseL2TPPacket(). A remote attacker can trigger memory corruption and cause the running server process to crash.

Successful exploitation of the vulnerability results in denial of service.

2) Memory corruption (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to a boundary error in IcmpParseResult. A remote attacker can trigger memory corruption and cause the running server process to crash.

Successful exploitation of the vulnerability results in denial of service.

3) Memory corruption (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to a missing bounds check in ParseUDP(). A remote attacker can trigger invalid memory access and cause the running server process to crash.

Successful exploitation of the vulnerability results in denial of service.

4) Out-of-bounds read (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to an out-of-bounds read in IPsec_PPP.c. A remote attacker can trigger invalid memory access and cause the running server process to crash.

Successful exploitation of the vulnerability results in denial of service.

5) Memory corruption (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to overlapping parameters passed to memcpy() via StrToIp6(). A remote attacker can trigger memory corruption and cause the running server process to crash.

Successful exploitation of the vulnerability results in denial of service.

6) Memory corruption (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to a crash in PACK ReadValue(). A remote attacker can trigger memory corruption and cause the running server process to crash.

Successful exploitation of the vulnerability results in denial of service.

7) Memory corruption (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to the potential use of uninitialized memory via IPToInAddr6(). A remote attacker can trigger memory corruption and cause the running server process to crash.

Successful exploitation of the vulnerability results in denial of service.

8) Resource exhaustion (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to a memory leak in NnReadDnsRecord. A remote attacker can trigger memory exhaustion and cause the running server process to crash.

9) Resource exhaustion (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to a memory leak in RadiusLogin(). A remote attacker can trigger memory exhaustion and cause the running server process to crash.

10) Resource exhaustion (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to a memory leak via ParsePacketIPv4WithDummyMacHeader. A remote attacker can trigger memory exhaustion and cause the running server process to crash.

11) Resource exhaustion (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause a DoS condition on the target system.

The weakness exists due to a memory leak in the OpenVPN server code. A remote attacker can trigger memory exhaustion and cause the running server process to crash.

Remediation

Install the update from the vendor's website.