PT-2003-1228 · Cisco+2 · Cisco Vpn 5000 Client+2

Published

2003-03-18

Updated

2008-09-05

CVE-2002-1492

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco VPN 5000 Client versions prior to 5.2.7 for Linux Cisco VPN 5000 Client versions prior to 5.2.8 for Solaris

Description The issue allows local users to gain root privileges. This is achieved through buffer overflows in specific functions, including close tunnel and open tunnel.

Recommendations For Cisco VPN 5000 Client versions prior to 5.2.7 for Linux, update to version 5.2.7 or later. For Cisco VPN 5000 Client versions prior to 5.2.8 for Solaris, update to version 5.2.8 or later.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1492

Affected Products

Cisco Vpn 5000 Client

Linux

Solaris

PT-2003-1228 · Cisco+2 · Cisco Vpn 5000 Client+2

CVE-2002-1492

Related Identifiers

Affected Products

References · 6