7.2
CVE-2008-5121
- EPSS 1.13%
- Veröffentlicht 18.11.2008 00:30:00
- Zuletzt bearbeitet 16.06.2026 22:59:17
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Citrix ≫ Deterministic Network Enhancer Version2.21.7.223
Citrix ≫ Deterministic Network Enhancer Version3.21.7.17464
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.13% | 0.622 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://secunia.com/advisories/30728
http://secunia.com/advisories/30744
http://secunia.com/advisories/30747
http://secunia.com/advisories/30753
http://securityreason.com/securityalert/4600
http://support.citrix.com/article/CTX117751
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsm25860
http://www.digit-labs.org/files/exploits/dne2000-call.c
http://www.kb.cert.org/vuls/id/858993
http://www.securityfocus.com/bid/29772
http://www.vupen.com/english/advisories/2008/1865
http://www.vupen.com/english/advisories/2008/1866
http://www.vupen.com/english/advisories/2008/1867
http://www.vupen.com/english/advisories/2008/1868
https://exchange.xforce.ibmcloud.com/vulnerabilities/43153
https://www.exploit-db.com/exploits/5837