CVE-2008-0324

Cisco VPN Client 5.0.02.0090 - Denial of Service via IOCTL 0x80002038

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0324. PoCs published by mu-b.

AI-analyzed exploit summary This exploit demonstrates a local kernel system pool corruption vulnerability in the Cisco VPN Client IPSec Driver by sending a malformed IOCTL request with a buffer size less than 8+31 bytes, leading to memory corruption via an inline memcpy operation.

Description

Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.

Exploits (1)

exploitdb WORKING POC VERIFIED

by mu-b · cdoswindows

https://www.exploit-db.com/exploits/4911

View Code ZIP pw:eip

This exploit demonstrates a local kernel system pool corruption vulnerability in the Cisco VPN Client IPSec Driver by sending a malformed IOCTL request with a buffer size less than 8+31 bytes, leading to memory corruption via an inline memcpy operation.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Cisco VPN Client IPSec Driver (CVPNDRVA.sys 5.0.02.0090)

No auth needed

Prerequisites: Local access to the system · Presence of vulnerable Cisco VPN Client IPSec Driver

MITRE ATT&CK