Vulnerabilities > CVE-2009-4118 - Unspecified vulnerability in Cisco VPN Client

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
cisco
nessus
exploit available

Summary

The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Windows before 5.0.06.0100 does not properly handle an ERROR_FAILED_SERVICE_CONTROLLER_CONNECT error, which allows local users to cause a denial of service (service crash and VPN connection loss) via a manual start of cvpnd.exe while the cvpnd service is running.

Exploit-Db

descriptionCisco VPN Client Integer Overflow (DOS). CVE-2009-4118. Dos exploit for windows platform
idEDB-ID:10190
last seen2016-02-01
modified2009-11-21
published2009-11-21
reporterAlex Hernandez
sourcehttps://www.exploit-db.com/download/10190/
titleCisco VPN Client Integer Overflow DOS

Nessus

NASL familyWindows
NASL idCISCO_VPN_CLIENT_5_0_06_0100.NASL
descriptionThe version of the Cisco VPN client installed on the remote host reportedly has a local denial of service vulnerability. The
last seen2020-06-01
modified2020-06-02
plugin id42960
published2009-12-01
reporterThis script is Copyright (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/42960
titleCisco VPN Client on Windows Service Control Manager DoS