Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Windows before 5.0.06.0100 does not properly handle an ERROR_FAILED_SERVICE_CONTROLLER_CONNECT error, which allows local users to cause a denial of service (service crash and VPN connection loss) via a manual start of cvpnd.exe while the cvpnd service is running.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco VPN客户端cvpnd服务整数溢出漏洞
Vulnerability Description
Cisco VPN Client是美国思科(Cisco)公司的一套跨平台的VPN客户端软件。 Windows平台上的Cisco VPN客户端使用cvpnd.exe二进制程序作为服务进程,而cvpnd服务没有正确地实现StartServiceCtrlDispatcher功能。ERROR_FAILED_SERVICE_CONTROLLER_CONNECT 错误,本地用户可以通过从命令行调用cvpnd.exe服务触发整数溢出,导致中断所有活动的VPN会话。引发拒绝服务漏洞。
CVSS Information
N/A
Vulnerability Type
N/A