Cisco VPN Client on Windows Service Control Manager DoS

Low Nessus Plugin ID 42960


The VPN client installed on the remote Windows host has a local denial of service vulnerability.


The version of the Cisco VPN client installed on the remote host reportedly has a local denial of service vulnerability. The 'StartServiceCtrlDispatcher' function of the 'cvpnd' service is implemented improperly. Attempting to run 'cvpnd.exe' from the command line causes the service to stop. A local attacker could exploit this to tear down any active VPN sessions.


Upgrade to Cisco VPN Client version or later.


Plugin Details

Severity: Low

ID: 42960

File Name: cisco_vpn_client_5_0_06_0100.nasl

Version: $Revision: 1.8 $

Type: local

Agent: windows

Family: Windows

Published: 2009/12/01

Modified: 2017/05/16

Dependencies: 25549

Risk Information

Risk Factor: Low


Base Score: 1.4

Temporal Score: 1.2

Vector: CVSS2#AV:L/AC:L/Au:M/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:vpn_client

Required KB Items: SMB/CiscoVPNClient/Version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/11/19

Vulnerability Publication Date: 2009/11/19

Reference Information

CVE: CVE-2009-4118

BID: 37077

OSVDB: 60416

Secunia: 37419