CVE-2008-5121 | Vulnerability Database | Aqua Security

dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the .DNE device interface.

Affected Software

Name	Vendor	Start Version	End Version
Deterministic_network_enhancer	Citrix	2.21.7.223 (including)	2.21.7.223 (including)
Deterministic_network_enhancer	Citrix	3.21.7.17464 (including)	3.21.7.17464 (including)

References

http://secunia.com/advisories/30728
http://secunia.com/advisories/30744
http://secunia.com/advisories/30747
http://secunia.com/advisories/30753
http://securityreason.com/securityalert/4600
http://support.citrix.com/article/CTX117751
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsm25860
http://www.digit-labs.org/files/exploits/dne2000-call.c
http://www.kb.cert.org/vuls/id/858993
http://www.securityfocus.com/bid/29772
http://www.vupen.com/english/advisories/2008/1865
http://www.vupen.com/english/advisories/2008/1866
http://www.vupen.com/english/advisories/2008/1867
http://www.vupen.com/english/advisories/2008/1868
https://exchange.xforce.ibmcloud.com/vulnerabilities/43153
https://www.exploit-db.com/exploits/5837
http://secunia.com/advisories/30728
http://secunia.com/advisories/30744
http://secunia.com/advisories/30747
http://secunia.com/advisories/30753
http://securityreason.com/securityalert/4600
http://support.citrix.com/article/CTX117751
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsm25860
http://www.digit-labs.org/files/exploits/dne2000-call.c
http://www.kb.cert.org/vuls/id/858993
http://www.securityfocus.com/bid/29772
http://www.vupen.com/english/advisories/2008/1865
http://www.vupen.com/english/advisories/2008/1866
http://www.vupen.com/english/advisories/2008/1867
http://www.vupen.com/english/advisories/2008/1868
https://exchange.xforce.ibmcloud.com/vulnerabilities/43153
https://www.exploit-db.com/exploits/5837

NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-5121
CWE	https://cwe.mitre.org/data/definitions/264.html