The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Windows before 5.0.06.0100 does not properly handle an ERROR_FAILED_SERVICE_CONTROLLER_CONNECT error, which allows local users to cause a denial of service (service crash and VPN connection loss) via a manual start of cvpnd.exe while the cvpnd service is running.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Vpn_client | Cisco | 2.0 (including) | 2.0 (including) |
| Vpn_client | Cisco | 3.0 (including) | 3.0 (including) |
| Vpn_client | Cisco | 3.0.5 (including) | 3.0.5 (including) |
| Vpn_client | Cisco | 3.1 (including) | 3.1 (including) |
| Vpn_client | Cisco | 3.5.1 (including) | 3.5.1 (including) |
| Vpn_client | Cisco | 3.5.1c (including) | 3.5.1c (including) |
| Vpn_client | Cisco | 3.5.2 (including) | 3.5.2 (including) |
| Vpn_client | Cisco | 3.6.5-base (including) | 3.6.5-base (including) |
| Vpn_client | Cisco | 4.7.00.0000 (including) | 4.7.00.0000 (including) |
| Vpn_client | Cisco | 4.8.00.0000 (including) | 4.8.00.0000 (including) |
| Vpn_client | Cisco | 4.8.00.0440 (including) | 4.8.00.0440 (including) |
| Vpn_client | Cisco | 4.8.1 (including) | 4.8.1 (including) |
| Vpn_client | Cisco | 4.8.01-base (including) | 4.8.01-base (including) |
| Vpn_client | Cisco | 4.8.02.0010-base (including) | 4.8.02.0010-base (including) |
| Vpn_client | Cisco | 4.9-base (including) | 4.9-base (including) |
| Vpn_client | Cisco | 5.0.00.340-base (including) | 5.0.00.340-base (including) |
| Vpn_client | Cisco | 5.0.01 (including) | 5.0.01 (including) |
| Vpn_client | Cisco | 5.0.01.0600-base (including) | 5.0.01.0600-base (including) |
| Vpn_client | Cisco | 5.0.2.0090 (including) | 5.0.2.0090 (including) |
| Vpn_client | Cisco | 5.0.02.0090-base (including) | 5.0.02.0090-base (including) |
| Vpn_client | Cisco | 0490-base (including) | 0490-base (including) |