CVE-2002-1492
Cisco VPN 5000 Client - Buffer Overrun
Severity Score
7.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel.
Desbordamiento de búfer en el cliente Cisco VPN 5000 anteriores a la 5.2.7 para Linux y cliente VPN 5000 Client anteriores a la 5.2.8 para Solaris, permite a usuarios locales la obtención de privilegios de root mediante: close_tunnel y open_tunnel.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2002-09-18 First Exploit
- 2003-02-05 CVE Reserved
- 2003-03-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-08 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/21805 | 2002-09-18 | |
| https://www.exploit-db.com/exploits/21806 | 2002-09-18 | |
| http://www.securityfocus.com/bid/5734 | 2024-08-08 |
| URL | Date | SRC |
|---|---|---|
| http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtml | 2008-09-05 | |
| http://www.iss.net/security_center/static/10131.php | 2008-09-05 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Vpn 5000 Client Search vendor "Cisco" for product "Vpn 5000 Client" | 5.2.6 Search vendor "Cisco" for product "Vpn 5000 Client" and version "5.2.6" | linux |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Vpn 5000 Client Search vendor "Cisco" for product "Vpn 5000 Client" | 5.2.7 Search vendor "Cisco" for product "Vpn 5000 Client" and version "5.2.7" | solaris |
Affected
| ||||||