Buffer Overflow Vulnerability in Cisco VPN 5000 Client for Linux and Solaris
CVE-2002-1492

Currently unrated

Key Information:

Vendor: Cisco
Status: Vpn 5000 Client
Vendor: CVE Published:; 2 April 2003

Summary

The Cisco VPN 5000 Client for Linux and Solaris is affected by a buffer overflow vulnerability that enables local users to escalate their privileges to root. This occurs through the misuse of the 'close_tunnel' and 'open_tunnel' functions, potentially granting unauthorized access and control over the system. Users are advised to update to the latest versions to mitigate this risk.

References

http://www.iss.net/security_center/static/10131.php

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/5734

vdb-entryx_refsource_BID

http://www.cisco.com/warp/public/707/vpn5k-client-multipl...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Apr 2, 2003
Vulnerability Reserved
Feb 5, 2003