CVE-2002-1447

Name of the Vulnerable Software and Affected Versions UNIX VPN Client versions prior to 3.5.2

Description A buffer overflow issue exists in the vpnclient program, allowing local users to gain administrative privileges by providing a long profile name in a connect argument.

Recommendations For versions prior to 3.5.2, update to version 3.5.2 or later to resolve the issue. As a temporary workaround, consider restricting the length of profile names used in connect arguments to prevent exploitation.