Cisco VPN Client for Windows Local Denial of Service Vulnerability

Cisco VPN Client for Windows is prone to a local denial-of-service vulnerability because the software's IPsec driver fails to handle certain IOCTLs.

Successfully exploiting this issue allows local attackers to crash affected computers, denying further service to legitimate users.

This issue affects 'cvpndrva.sys' 5.0.02.0090; other versions of the driver may also be affected.


 

Privacy Statement
Copyright 2010, SecurityFocus