CVE-2002-1447

UNIX VPN Client <3.5.2 - Privilege Escalation

Title source: llm

Description

Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument.

Exploits (1)

exploitdb WORKING POC VERIFIED

by methodic · clocallinux

https://www.exploit-db.com/exploits/21568

View Code ZIP pw:eip

References (5)

[Exploit, Vendor Advisory] http://sec.angrypacket.com/advisories/0002_AP.vpnclient.txt

[Third Party Advisory] http://www.iss.net/security_center/static/9376.php

[Third Party Advisory, VDB Entry] http://online.securityfocus.com/archive/1/277653

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/5056

[Vendor Advisory] http://www.cisco.com/warp/public/707/cisco-unix-vpnclient-buffer-overflow-pub.shtml

Scores

EPSS 0.0139

EPSS Percentile 80.4%

Details

Status published

Products (1)

cisco/vpn_client < 3.5.1

Published May 28, 2002

Tracked Since Feb 18, 2026