[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247862

 
 

909

 
 

194603

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-5121Date: (C)2008-11-17   (M)2023-12-22


dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \.DNE device interface.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.2
Exploit Score: 3.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-29772
SECUNIA-30728
SECUNIA-30744
SECUNIA-30747
SECUNIA-30753
SREASON-4600
EXPLOIT-DB-5837
ADV-2008-1865
ADV-2008-1866
ADV-2008-1867
ADV-2008-1868
VU#858993
http://support.citrix.com/article/CTX117751
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsm25860
http://www.digit-labs.org/files/exploits/dne2000-call.c
multiple-vendors-dne2000-priv-escalation(43153)

CPE    2
cpe:/a:cisco:vpn_client
cpe:/a:bluecoat:winproxy
CWE    1
CWE-264

© SecPod Technologies