PT-2008-1957 · Cisco Systems · Cisco Vpn Client

Mu-B

Published

2008-01-17

Updated

2017-09-29

CVE-2008-0324

CVSS v2.0

4.9

Medium

Vector

AV:L/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) version 5.0.02.0090

Description The issue allows local users to cause a denial of service by calling the 0x80002038 IOCTL with a small size value, triggering memory corruption.

Recommendations For Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) version 5.0.02.0090, consider avoiding the use of the 0x80002038 IOCTL with small size values to prevent memory corruption until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2008-0324

Affected Products

Cisco Vpn Client

PT-2008-1957 · Cisco Systems · Cisco Vpn Client

CVE-2008-0324

Weakness Enumeration

Related Identifiers

Affected Products

References · 7