Denial of Service Vulnerability in Cisco Systems VPN Client IPSec Driver
CVE-2008-0324

Currently unrated

Key Information:

Vendor: Cisco
Status: Vpn Client
Vendor: CVE Published:; 17 January 2008

What is CVE-2008-0324?

A vulnerability in the Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) allows local users to cause a denial of service (DoS) by invoking the 0x80002038 IOCTL with a small size value. This action leads to memory corruption, potentially crashing the application and disrupting service for the user.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/39694

vdb-entryx_refsource_XF

http://www.vupen.com/english/advisories/2008/0170

vdb-entryx_refsource_VUPEN

http://www.securitytracker.com/id?1019240

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 17, 2008
Vulnerability Reserved
Jan 16, 2008