CVE-2008-5121
Summary
| CVE | CVE-2008-5121 |
|---|---|
| State | PUBLISHED |
| Assigner | mitre |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2008-11-18 00:30:00 UTC |
| Updated | 2026-04-23 00:35:47 UTC |
| Description | dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface. |
Risk And Classification
CVSS v2.0 Breakdown
Access Vector
LocalAccess Complexity
LowAuthentication
NoneConfidentiality
CompleteIntegrity
CompleteAvailability
CompleteAV:L/AC:L/Au:N/C:C/I:C/A:C
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Bluecoat | Winproxy | All | All | All | All |
| Application | Cisco | Vpn Client | All | All | All | All |
| Application | Citrix | Deterministic Network Enhancer | 2.21.7.223 | All | All | All |
| Application | Citrix | Deterministic Network Enhancer | 3.21.7.17464 | All | All | All |
| Application | Safenet | Highassurance Remote | All | All | All | All |
| Application | Safenet | Softremote Vpn Client | All | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Deterministic Network Enhancer dne2000.sys kernel ring0 SYSTEM exploit | af854a3a-2127-422b-91ae-364da2661108 | www.exploit-db.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| CTX117751 - Privilege Escalation Vulnerability in Citrix Deterministic Network Enhancer (dne2000.sys) - Citrix Knowledge Center | af854a3a-2127-422b-91ae-364da2661108 | support.citrix.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| Deterministic Network Enhancer 'dne2000.sys' Local Privilege Escalation Vulnerability | af854a3a-2127-422b-91ae-364da2661108 | www.securityfocus.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| Cisco.com Login Page | af854a3a-2127-422b-91ae-364da2661108 | tools.cisco.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | af854a3a-2127-422b-91ae-364da2661108 | www.vupen.com | |
| BlueCoat WinProxy Deterministic Network Enhancer Privilege Escalation - Advisories - Community | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | |
| IBM X-Force Exchange | af854a3a-2127-422b-91ae-364da2661108 | exchange.xforce.ibmcloud.com | |
| SecurityReason - Deterministic Network Enhancer dne2000.sys kernel ring0 SYSTEM exploit | af854a3a-2127-422b-91ae-364da2661108 | securityreason.com | |
| www.digit-labs.org/files/exploits/dne2000-call.c | af854a3a-2127-422b-91ae-364da2661108 | www.digit-labs.org | |
| Deterministic Network Enhancer Privilege Escalation Vulnerability - Secunia Advisories - Vulnerability Intelligence - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| Cisco VPN Client Deterministic Network Enhancer Privilege Escalation - Secunia Advisories - Vulnerability Intelligence - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| SafeNet Products Deterministic Network Enhancer Privilege Escalation - Secunia Advisories - Vulnerability Intelligence - Secunia.com | af854a3a-2127-422b-91ae-364da2661108 | secunia.com | Vendor Advisory |
| US-CERT Vulnerability Note VU#858993 | af854a3a-2127-422b-91ae-364da2661108 | www.kb.cert.org | US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.