Lucene search

PRIOn knowledge basePRION:CVE-2008-5121

HistoryNov 18, 2008 - 12:30 a.m.

Design/Logic Flaw

2008-11-1800:30:00

PRIOn knowledge base

www.prio-n.com

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

0.4%

JSON

dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \.\DNE device interface.

CPENameOperatorVersion
deterministic_network_enhancereq2.21.7.223
deterministic_network_enhancereq3.21.7.17464

CPE	Name	Operator	Version
	deterministic_network_enhancer	eq	2.21.7.223
	deterministic_network_enhancer	eq	3.21.7.17464

References

secunia.com/advisories/30728

secunia.com/advisories/30744

secunia.com/advisories/30747

secunia.com/advisories/30753

securityreason.com/securityalert/4600

support.citrix.com/article/CTX117751

tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsm25860

www.digit-labs.org/files/exploits/dne2000-call.c

www.kb.cert.org/vuls/id/858993

www.securityfocus.com/bid/29772

www.vupen.com/english/advisories/2008/1865

www.vupen.com/english/advisories/2008/1866

www.vupen.com/english/advisories/2008/1867

www.vupen.com/english/advisories/2008/1868

exchange.xforce.ibmcloud.com/vulnerabilities/43153

www.exploit-db.com/exploits/5837