VAR-200304-0128
Vulnerability from variot - Updated: 2025-04-03 22:24Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel. The condition affects the binaries 'close_tunnel' and 'open_tunnel', both installed setuid root by default. Malicious local users may exploit these vulnerabilities to gain superuser privileges on the affected host. Cisco Virtual Private Network (VPN) client program is a program used to securely communicate with enterprise CISCO VPN devices through the Internet. It can be used under the Microsoft Windows operating system, and can also be used under the Linux operating system. CISCO assigned this vulnerability number as: CSCdy20065 < link: http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtml >
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200304-0128",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "vpn 5000 client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2.7"
},
{
"model": "vpn 5000 client",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.2.6"
},
{
"model": "vpn client for solaris",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2.7"
},
{
"model": "vpn client for linux",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2.6"
},
{
"model": "vpn client for solaris",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2.8"
},
{
"model": "vpn client for linux",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "50005.2.7"
}
],
"sources": [
{
"db": "BID",
"id": "5734"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-004"
},
{
"db": "NVD",
"id": "CVE-2002-1492"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovered by Niels Heinen \u003cniels.heinen@ubizen.com\u003e.",
"sources": [
{
"db": "BID",
"id": "5734"
}
],
"trust": 0.3
},
"cve": "CVE-2002-1492",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "CVE-2002-1492",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-5877",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-1492",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200304-004",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-5877",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5877"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-004"
},
{
"db": "NVD",
"id": "CVE-2002-1492"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via (1) close_tunnel and (2) open_tunnel. The condition affects the binaries \u0027close_tunnel\u0027 and \u0027open_tunnel\u0027, both installed setuid root by default. Malicious local users may exploit these vulnerabilities to gain superuser privileges on the affected host. Cisco Virtual Private Network (VPN) client program is a program used to securely communicate with enterprise CISCO VPN devices through the Internet. It can be used under the Microsoft Windows operating system, and can also be used under the Linux operating system. CISCO assigned this vulnerability number as: CSCdy20065 \u003c* link: http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtml *\u003e",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1492"
},
{
"db": "BID",
"id": "5734"
},
{
"db": "VULHUB",
"id": "VHN-5877"
}
],
"trust": 1.26
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-5877",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5877"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-1492",
"trust": 2.0
},
{
"db": "BID",
"id": "5734",
"trust": 2.0
},
{
"db": "CNNVD",
"id": "CNNVD-200304-004",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20020918 CISCO VPN 5000 CLIENT MULTIPLE VULNERABILITIES",
"trust": 0.6
},
{
"db": "XF",
"id": "5000",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "21805",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "21806",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-75627",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-75626",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-5877",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5877"
},
{
"db": "BID",
"id": "5734"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-004"
},
{
"db": "NVD",
"id": "CVE-2002-1492"
}
]
},
"id": "VAR-200304-0128",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-5877"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:24:10.158000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-1492"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtml"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/5734"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/10131.php"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-5877"
},
{
"db": "BID",
"id": "5734"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-004"
},
{
"db": "NVD",
"id": "CVE-2002-1492"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-5877"
},
{
"db": "BID",
"id": "5734"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-004"
},
{
"db": "NVD",
"id": "CVE-2002-1492"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2003-04-02T00:00:00",
"db": "VULHUB",
"id": "VHN-5877"
},
{
"date": "2002-09-18T00:00:00",
"db": "BID",
"id": "5734"
},
{
"date": "2002-09-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-004"
},
{
"date": "2003-04-02T05:00:00",
"db": "NVD",
"id": "CVE-2002-1492"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-5877"
},
{
"date": "2009-07-11T17:06:00",
"db": "BID",
"id": "5734"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200304-004"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-1492"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "5734"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-004"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco VPN Client Local Buffer Overflow Vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200304-004"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Boundary Condition Error",
"sources": [
{
"db": "BID",
"id": "5734"
},
{
"db": "CNNVD",
"id": "CNNVD-200304-004"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…