Published: 01/12/2009 Updated: 25/10/2012
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 216
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Windows prior to does not properly handle an ERROR_FAILED_SERVICE_CONTROLLER_CONNECT error, which allows local users to cause a denial of service (service crash and VPN connection loss) via a manual start of cvpnd.exe while the cvpnd service is running.

Affected Products

Vendor Product Versions
CiscoVpn Client2.0, 3.0, 3.0.5, 3.1, 3.5.1, 3.5.1c, 3.5.2, 3.6.5,,,, 4.8.1, 4.8.01,, 4.9,, 5.0.01,,,, 0490


/* Cisco VPN client version 50030560 Cisco VPN client Version 50040300 Cisco VPN client Version 50050290 Cisco VPN client Version 48020010 */ /* * Cisco VPN Client 0day Integer overflow (DOS) Proof Of Concept Code * * By Alex Hernandez aka alt3kx (c) November 2009 * * This POC is only for test If an application read a malformed ...

Github Repositories

CVE-2009-4118 Cisco VPN Client - Integer Overflow Denial of Service Exploit-DB publication at wwwexploit-dbcom/exploits/10190/ Cisco official Intelligence AlertID 19445 and Credits toolsciscocom/security/center/viewAlertx?alertId=19445 Author Alex Hernandez aka (@_alt3kx_)