2.1
CVE-2009-4118
- EPSS 0.28%
- Published 01.12.2009 00:30:00
- Last modified 09.04.2025 00:30:58
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Windows before 5.0.06.0100 does not properly handle an ERROR_FAILED_SERVICE_CONTROLLER_CONNECT error, which allows local users to cause a denial of service (service crash and VPN connection loss) via a manual start of cvpnd.exe while the cvpnd service is running.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Vpn Client Version2.0 Editionwindows
Cisco ≫ Vpn Client Version3.0 Editionwindows
Cisco ≫ Vpn Client Version3.0.5 Editionwindows
Cisco ≫ Vpn Client Version3.1 Editionwindows
Cisco ≫ Vpn Client Version3.5.1 Editionwindows
Cisco ≫ Vpn Client Version3.5.1c Editionwindows
Cisco ≫ Vpn Client Version3.5.2 Editionwindows
Cisco ≫ Vpn Client Version3.6.5 Updatebase Editionwindows
Cisco ≫ Vpn Client Version4.7.00.0000 Editionwindows
Cisco ≫ Vpn Client Version4.8.00.0000 Editionwindows
Cisco ≫ Vpn Client Version4.8.00.0440 Editionwindows
Cisco ≫ Vpn Client Version4.8.1 Editionwindows
Cisco ≫ Vpn Client Version4.8.01 Updatebase Editionwindows
Cisco ≫ Vpn Client Version4.8.02.0010 Updatebase Editionwindows
Cisco ≫ Vpn Client Version4.9 Updatebase Editionwindows
Cisco ≫ Vpn Client Version5.0.00.340 Updatebase Editionwindows
Cisco ≫ Vpn Client Version5.0.01 Editionwindows
Cisco ≫ Vpn Client Version5.0.01.0600 Updatebase Editionwindows
Cisco ≫ Vpn Client Version5.0.2.0090 Editionwindows
Cisco ≫ Vpn Client Version5.0.02.0090 Updatebase Editionwindows
Cisco ≫ Vpn Client Version0490 Updatebase Editionwindows
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.506 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:P
|