VPNet VSU IP Bridging Vulnerability...
VPNos is an operating system designed for the VPNet VPN Service Units, by VPNet Technologies. A problem exists in the firmware that could allow a user access to restricted resources. The problem occurs in the bridging capabilities of the firmware. It is possible to bridge insecure traffic across the VSU by abusing a system on the same segment of public network as the VSU. This can be done by adding a second address to the interface of the machine local to the VSU. The address should be one of the internal private network guarded by the VSU. It is necessary to add a routing entry to make the VSU gateway traffic for the aliased IP Address. This flaw makes it possible for a malicious user with access to a system on the same segment of network as the VSU to access and potentially exploit restricted resources. This vulnerability has been received by VPNet Technologies. VPNet Technologies has responded to this issue, and after testing this vulnerability in various scenarios, have been...
