CVE-2008-5121 – Deterministic Network Enhancer - 'dne2000.sys' Kernel Ring0 SYSTEM
https://notcve.org/view.php?id=CVE-2008-5121
dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface. dne2000.sys en Citrix Deterministic Network Enhancer (DNE) desde la version 2.21.7.233 a la 3.21.7.17464, tal y como se usa en (1) Cisco VPN Client, (2) Blue Coat WinProxy, y (3) SafeNet SoftRemote y HighAssurance Remote, permite a usuarios locales obtener privilegios a través de una petición DNE_IOCTL DeviceIoControl modificada a la interfaz de dispositivo \\.\DNE . • https://www.exploit-db.com/exploits/5837 http://secunia.com/advisories/30728 http://secunia.com/advisories/30744 http://secunia.com/advisories/30747 http://secunia.com/advisories/30753 http://securityreason.com/securityalert/4600 http://support.citrix.com/article/CTX117751 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsm25860 http://www.digit-labs.org/files/exploits/dne2000-call.c http://www.kb.cert.org/vuls/id/858993 http://www • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2007-0796
https://notcve.org/view.php?id=CVE-2007-0796
Blue Coat Systems WinProxy 6.1a and 6.0 r1c, and possibly earlier, allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long HTTP CONNECT request, which triggers heap corruption. Blue Coat Systems WinProxy 6.1a y 6.0 r1c, y posiblemente anteriores, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) o posiblemente ejecutar código de su elección mediante una petición HTTP CONNECT larga, lo cual provoca la corrupción de la pila. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=471 http://osvdb.org/33097 http://secunia.com/advisories/24049 http://securitytracker.com/id?1017586 http://www.securityfocus.com/bid/22393 http://www.vupen.com/english/advisories/2007/0482 https://exchange.xforce.ibmcloud.com/vulnerabilities/32204 •
CVE-2005-3187 – BlueCoat WinProxy 6.0 R1c - GET Denial of Service
https://notcve.org/view.php?id=CVE-2005-3187
The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read. • https://www.exploit-db.com/exploits/1409 http://secunia.com/advisories/18288 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=363 http://www.securityfocus.com/bid/16148 http://www.vupen.com/english/advisories/2006/0065 •