Unrated severityNVD Advisory· Published Dec 1, 2009· Updated Apr 23, 2026
CVE-2009-4118
CVE-2009-4118
Description
The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Windows before 5.0.06.0100 does not properly handle an ERROR_FAILED_SERVICE_CONTROLLER_CONNECT error, which allows local users to cause a denial of service (service crash and VPN connection loss) via a manual start of cvpnd.exe while the cvpnd service is running.
Affected products
21cpe:2.3:a:cisco:vpn_client:0490:base:windows:*:*:*:*:*+ 20 more
- cpe:2.3:a:cisco:vpn_client:0490:base:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:2.0:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:3.0.5:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:3.0:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:3.1:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:3.5.1c:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:3.5.1:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:3.5.2:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:3.6.5:base:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:4.7.00.0000:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:4.8.00.0000:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:4.8.00.0440:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:4.8.01:base:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:4.8.02.0010:base:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:4.8.1:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:4.9:base:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:5.0.00.340:base:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:5.0.01.0600:base:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:5.0.01:*:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:5.0.02.0090:base:windows:*:*:*:*:*
- cpe:2.3:a:cisco:vpn_client:5.0.2.0090:*:windows:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- packetstormsecurity.org/0911-exploits/sybsec-adv17.txtnvdExploit
- www.securityfocus.com/bid/37077nvdExploit
- secunia.com/advisories/37419nvdVendor Advisory
- tools.cisco.com/security/center/viewAlert.xnvdVendor Advisory
- www.vupen.com/english/advisories/2009/3296nvdVendor Advisory
News mentions
0No linked articles in our index yet.