SonicWALL Global VPN Client < Format String Vulnerabilities

High Nessus Plugin ID 38929


The remote Windows host contains a program that is affected by multiple format string vulnerabilities.


The version of the SonicWALL Global VPN Client software installed on the remote Windows host fails to sanitize the 'name' attribute of the 'Connection' tag and the content of the 'Hostname' tag in the configuration file of format strings. If an attacker can trick a user on the affected host into importing a specially crafted configuration file, the attacker could leverage this issue to execute arbitrary code on the affected host subject to the user's privileges.


Upgrade to SonicWALL VPN client as that reportedly resolves the issue.

See Also

Plugin Details

Severity: High

ID: 38929

File Name: sonicwall_vpn_client_4_0_0_830.nasl

Version: $Revision: 1.8 $

Type: local

Agent: windows

Family: Windows

Published: 2009/05/27

Modified: 2016/11/17

Dependencies: 29999

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:sonicwall:global_vpn_client

Required KB Items: SMB/SonicWallGlobalVPNClient/Version

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2007-6273

BID: 26689

OSVDB: 42502

Secunia: 27917

CWE: 134