Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2009-4118 PoC — Cisco VPN客户端cvpnd服务整数溢出漏洞

Source
https://github.com/alt3kx/CVE-2009-4118
Associated Vulnerability
Title:Cisco VPN客户端cvpnd服务整数溢出漏洞 (CVE-2009-4118)
Description:Cisco VPN Client是美国思科(Cisco)公司的一套跨平台的VPN客户端软件。 Windows平台上的Cisco VPN客户端使用cvpnd.exe二进制程序作为服务进程,而cvpnd服务没有正确地实现StartServiceCtrlDispatcher功能。ERROR_FAILED_SERVICE_CONTROLLER_CONNECT 错误,本地用户可以通过从命令行调用cvpnd.exe服务触发整数溢出,导致中断所有活动的VPN会话。引发拒绝服务漏洞。
Description
Cisco VPN Client - Integer Overflow Denial of Service
Readme
# CVE-2009-4118
Cisco VPN Client - Integer Overflow Denial of Service

Exploit-DB publication at  https://www.exploit-db.com/exploits/10190/

# Cisco official Intelligence AlertID 19445 and Credits 

http://tools.cisco.com/security/center/viewAlert.x?alertId=19445

![cve-2009-4118](https://user-images.githubusercontent.com/3140111/40872784-98bb237a-6654-11e8-9a77-7fb94a8edf1d.png)

# Author 
Alex Hernandez aka <em><a href="https://twitter.com/_alt3kx_" rel="nofollow">(@\_alt3kx\_)</a></em>
File Snapshot

 [4.0K]  /data/pocs/d99f9cfe4a81b953965ea1739dcf68adbc455e0e
├── [6.6K]  CVE-2009-4118.txt
├── [ 34K]  LICENSE.txt
└── [ 495]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.