CVE-2002-0852

Published Sep 5, 2002

Last updated 16 years ago

CVSS info 5.0

Overview

Description: Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large number of valid payloads.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:linux:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2BD00D0A-EB6E-41AA-851D-9DD258E23BEA"
          },
          {
            "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:mac_os_x:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3FB66EB9-9FE9-4B13-9E5F-E9DEDCD0E3C3"
          },
          {
            "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:solaris:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88EB557F-33CD-40FE-B470-04F93CB2F3E3"
          },
          {
            "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.1:*:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "59938F7D-5F64-4FC0-A5B2-C798AF297130"
          },
          {
            "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:linux:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2EEB23E-4592-49A1-BDC6-110580340AAD"
          },
          {
            "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:mac_os_x:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D548CEFE-1970-42D3-9039-196A3B5F5D0B"
          },
          {
            "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:solaris:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D4BDB9B-99D8-42B7-8D57-2B57029220F1"
          },
          {
            "criteria": "cpe:2.3:a:cisco:vpn_client:3.5.2:*:windows:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2288FB91-4607-417D-8658-E1B8090BE40A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References