Published: 02/04/2003 Updated: 05/09/2008

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Buffer overflows in the Cisco VPN 5000 Client prior to 5.2.7 for Linux, and VPN 5000 Client prior to 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco vpn 5000 client 5.2.6
cisco vpn 5000 client 5.2.7

source: wwwsecurityfocuscom/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems The condition affects the binaries 'close_tunnel' and 'open_tunnel', both installed setuid root by default Malicious local users may exploit these vulnerabilities to gain ...

NVD-CWE-Other http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtml http://www.securityfocus.com/bid/5734 http://www.iss.net/security_center/static/10131.php https://nvd.nist.gov https://www.exploit-db.com/exploits/21805/

CVE-2002-1492

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect