Skip to main content

CVE-2009-4118

Severity Low
Score 2.1/10

Summary

The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Windows before 5.0.06.0100 does not properly handle an ERROR_FAILED_SERVICE_CONTROLLER_CONNECT error, which allows local users to cause a denial of service (service crash and VPN connection loss) via a manual start of cvpnd.exe while the cvpnd service is running.

  • LOW
  • LOCAL
  • NONE
  • NONE
  • NONE
  • PARTIAL

References

Advisory Timeline

  • Published