Vulnerabilities > CVE-2008-0324 - Resource Management Errors vulnerability in Cisco VPN Client 5.0.2.0090
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Cisco VPN Client IPSec Driver Local kernel system pool Corruption PoC. CVE-2008-0324. Dos exploit for windows platform |
| file | exploits/windows/dos/4911.c |
| id | EDB-ID:4911 |
| last seen | 2016-01-31 |
| modified | 2008-01-15 |
| platform | windows |
| port | |
| published | 2008-01-15 |
| reporter | mu-b |
| source | https://www.exploit-db.com/download/4911/ |
| title | Cisco VPN Client IPSec Driver Local kernel system pool Corruption PoC |
| type | dos |
References
- http://secunia.com/advisories/28472
- http://secunia.com/advisories/28472
- http://www.securityfocus.com/bid/27289
- http://www.securityfocus.com/bid/27289
- http://www.securitytracker.com/id?1019240
- http://www.securitytracker.com/id?1019240
- http://www.vupen.com/english/advisories/2008/0170
- http://www.vupen.com/english/advisories/2008/0170
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39694
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39694
- https://www.exploit-db.com/exploits/4911
- https://www.exploit-db.com/exploits/4911