vendor:
VPN 5000 UNIX Clients
by:
zillion
7.2
CVSS
HIGH
Buffer Overrun
120
CWE
Product Name: VPN 5000 UNIX Clients
Affected Version From: 5.1.2005
Affected Version To: 5.1.2005
Patch Exists: YES
Related CWE: N/A
CPE: o:cisco:vpn_5000_unix_clients
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: Linux, Solaris
2002
Buffer Overrun Vulnerabilities in Cisco VPN 5000 UNIX Clients
Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'close_tunnel' and 'open_tunnel', both installed setuid root by default. Malicious local users may exploit these vulnerabilities to gain superuser privileges on the affected host.
Mitigation:
Ensure that the binaries 'close_tunnel' and 'open_tunnel' are not installed with setuid root.