Vulnerabilities > CVE-2010-3361 - Unspecified vulnerability in Shrew VPN Client 2.1.5
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |