CVE-2008-5121

Deterministic Network Enhancer - 'dne2000.sys' Kernel Ring0 SYSTEM

Severity Score

7.2

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface.

dne2000.sys en Citrix Deterministic Network Enhancer (DNE) desde la version 2.21.7.233 a la 3.21.7.17464, tal y como se usa en (1) Cisco VPN Client, (2) Blue Coat WinProxy, y (3) SafeNet SoftRemote y HighAssurance Remote, permite a usuarios locales obtener privilegios a través de una petición DNE_IOCTL DeviceIoControl modificada a la interfaz de dispositivo \\.\DNE .

*Credits: N/A

CVSS Scores

NISTv2 7.2

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2008-11-17 CVE Reserved
2008-11-18 CVE Published
2023-03-08 EPSS Updated
2024-08-07 CVE Updated
2024-08-07 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-264: Permissions, Privileges, and Access Controls

CAPEC

References (16)

URL	Tag	Source
http://secunia.com/advisories/30753	Third Party Advisory
http://securityreason.com/securityalert/4600	Third Party Advisory
http://support.citrix.com/article/CTX117751	X_refsource_confirm
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsm25860	X_refsource_misc
http://www.digit-labs.org/files/exploits/dne2000-call.c	X_refsource_misc
http://www.kb.cert.org/vuls/id/858993	Third Party Advisory
http://www.securityfocus.com/bid/29772	Vdb Entry
http://www.vupen.com/english/advisories/2008/1865	Vdb Entry
http://www.vupen.com/english/advisories/2008/1866	Vdb Entry
http://www.vupen.com/english/advisories/2008/1867	Vdb Entry
http://www.vupen.com/english/advisories/2008/1868	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/43153	Vdb Entry

URL	Date	SRC
https://www.exploit-db.com/exploits/5837	2024-08-07

URL	Date	SRC

URL	Date	SRC
http://secunia.com/advisories/30728	2017-09-29
http://secunia.com/advisories/30744	2017-09-29
http://secunia.com/advisories/30747	2017-09-29

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Citrix Search vendor "Citrix"	Deterministic Network Enhancer Search vendor "Citrix" for product "Deterministic Network Enhancer"	2.21.7.223 Search vendor "Citrix" for product "Deterministic Network Enhancer" and version "2.21.7.223"	-	Affected	in	Bluecoat Search vendor "Bluecoat"	Winproxy Search vendor "Bluecoat" for product "Winproxy"	*	-	Safe
Citrix Search vendor "Citrix"	Deterministic Network Enhancer Search vendor "Citrix" for product "Deterministic Network Enhancer"	2.21.7.223 Search vendor "Citrix" for product "Deterministic Network Enhancer" and version "2.21.7.223"	-	Affected	in	Cisco Search vendor "Cisco"	Vpn Client Search vendor "Cisco" for product "Vpn Client"	*	-	Safe
Citrix Search vendor "Citrix"	Deterministic Network Enhancer Search vendor "Citrix" for product "Deterministic Network Enhancer"	2.21.7.223 Search vendor "Citrix" for product "Deterministic Network Enhancer" and version "2.21.7.223"	-	Affected	in	Safenet Search vendor "Safenet"	Highassurance Remote Search vendor "Safenet" for product "Highassurance Remote"	*	-	Safe
Citrix Search vendor "Citrix"	Deterministic Network Enhancer Search vendor "Citrix" for product "Deterministic Network Enhancer"	2.21.7.223 Search vendor "Citrix" for product "Deterministic Network Enhancer" and version "2.21.7.223"	-	Affected	in	Safenet Search vendor "Safenet"	Softremote Vpn Client Search vendor "Safenet" for product "Softremote Vpn Client"	*	-	Safe
Citrix Search vendor "Citrix"	Deterministic Network Enhancer Search vendor "Citrix" for product "Deterministic Network Enhancer"	3.21.7.17464 Search vendor "Citrix" for product "Deterministic Network Enhancer" and version "3.21.7.17464"	-	Affected	in	Bluecoat Search vendor "Bluecoat"	Winproxy Search vendor "Bluecoat" for product "Winproxy"	*	-	Safe
Citrix Search vendor "Citrix"	Deterministic Network Enhancer Search vendor "Citrix" for product "Deterministic Network Enhancer"	3.21.7.17464 Search vendor "Citrix" for product "Deterministic Network Enhancer" and version "3.21.7.17464"	-	Affected	in	Cisco Search vendor "Cisco"	Vpn Client Search vendor "Cisco" for product "Vpn Client"	*	-	Safe
Citrix Search vendor "Citrix"	Deterministic Network Enhancer Search vendor "Citrix" for product "Deterministic Network Enhancer"	3.21.7.17464 Search vendor "Citrix" for product "Deterministic Network Enhancer" and version "3.21.7.17464"	-	Affected	in	Safenet Search vendor "Safenet"	Highassurance Remote Search vendor "Safenet" for product "Highassurance Remote"	*	-	Safe
Citrix Search vendor "Citrix"	Deterministic Network Enhancer Search vendor "Citrix" for product "Deterministic Network Enhancer"	3.21.7.17464 Search vendor "Citrix" for product "Deterministic Network Enhancer" and version "3.21.7.17464"	-	Affected	in	Safenet Search vendor "Safenet"	Softremote Vpn Client Search vendor "Safenet" for product "Softremote Vpn Client"	*	-	Safe