Check Point Remote Access Client Insecure Library Loading

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote Windows host has a VPN client installed that is affected by
an insecure library loading vulnerability.

Description :

The version of Check Point Remote Access Client installed on the remote
Windows host is earlier than E75.10 and is, therefore, reportedly
affected by an insecure library loading vulnerability. If an attacker
can trick a user on the affected system into opening a specially crafted
file, they may be able to leverage this issue to execute arbitrary code
subject to the user's privileges.

See also :

http://www.nessus.org/u?b5b32f63
http://seclists.org/bugtraq/2012/Jun/68

Solution :

Upgrade to Check Point Remote Access Client E75.20 or later.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 62076 ()

Bugtraq ID: 53925

CVE ID: CVE-2012-2753

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now