Detections
Analytics
Cisco VPN Client on Windows Service Control Manager DoS
low Nessus Plugin ID 42960
Synopsis
The VPN client installed on the remote Windows host has a local denial of service vulnerability.Description
The version of the Cisco VPN client installed on the remote host reportedly has a local denial of service vulnerability. The 'StartServiceCtrlDispatcher' function of the 'cvpnd' service is implemented improperly. Attempting to run 'cvpnd.exe' from the command line causes the service to stop. A local attacker could exploit this to tear down any active VPN sessions.Solution
Upgrade to Cisco VPN Client version 5.0.06.0100 or later.See Also
http://www.exploit-db.com/exploits/10190
https://tools.cisco.com/security/center/viewAlert.x?alertId=19445
Plugin Details
Severity: Low
ID: 42960
File Name: cisco_vpn_client_5_0_06_0100.nasl
Version: 1.10
Type: local
Agent: windows
Family: Windows
Published: 12/1/2009
Updated: 8/22/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 4.4
CVSS v2
Risk Factor: Low
Base Score: 1.4
Temporal Score: 1.1
Vector: CVSS2#AV:L/AC:L/Au:M/C:N/I:N/A:P
Vulnerability Information
CPE: cpe:/a:cisco:vpn_client
Required KB Items: SMB/CiscoVPNClient/Version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 11/19/2009
Vulnerability Publication Date: 11/19/2009
Reference Information
CVE: CVE-2009-4118
BID: 37077
Secunia: 37419