CVE-2008-5121
published 2008-11-18CVE-2008-5121: dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3)…
PriorityP337high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
1.13%
62.3th percentile
dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | deterministic_network_enhancer | — | — |
| citrix | deterministic_network_enhancer | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenserver | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-928c-9c6q-76w6: dne2000
ghsa_unreviewed·2022-05-17
CVE-2008-5121 [HIGH] GHSA-928c-9c6q-76w6: dne2000
dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface.
Citrix
CVE-2008-5121: dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, a
vendor_citrix·2008-11-18·CVSS 7.2
CVE-2008-5121 [HIGH] CWE-264 CVE-2008-5121: dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, a
CVE-2008-5121: dne2000.sys in Citrix Deterministic Network Enhancer (DNE) 2.21.7.233 through 3.21.7.17464, as used in (1) Cisco VPN Client, (2) Blue Coat WinProxy, and (3) SafeNet SoftRemote and HighAssurance Remote, allows local users to gain privileges via a crafted DNE_IOCTL DeviceIoControl request to the \\.\DNE device interface.
Citrix
Citrix Security Bulletin CTX117751
vendor_citrix·CVSS 7.2
CVE-2008-5121 [HIGH] Citrix Security Bulletin CTX117751
Citrix Security Bulletin CTX117751
CVE References: CVE-2008-5121, CVE-2025-12101, CVE-2025-62626, CVE-2026-23554, CVE-2026-3055, CVE-2026-4368, CVE-2026-4397
Affected Products: Citrix ADM, Citrix Hypervisor, Citrix Virtual Apps and Desktops, Endpoint Management, NetScaler ADC, NetScaler Gateway, XenServer
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/30728http://secunia.com/advisories/30744http://secunia.com/advisories/30747http://secunia.com/advisories/30753http://securityreason.com/securityalert/4600http://support.citrix.com/article/CTX117751http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsm25860http://www.digit-labs.org/files/exploits/dne2000-call.chttp://www.kb.cert.org/vuls/id/858993http://www.securityfocus.com/bid/29772http://www.vupen.com/english/advisories/2008/1865http://www.vupen.com/english/advisories/2008/1866http://www.vupen.com/english/advisories/2008/1867http://www.vupen.com/english/advisories/2008/1868https://exchange.xforce.ibmcloud.com/vulnerabilities/43153https://www.exploit-db.com/exploits/5837http://secunia.com/advisories/30728http://secunia.com/advisories/30744http://secunia.com/advisories/30747http://secunia.com/advisories/30753http://securityreason.com/securityalert/4600http://support.citrix.com/article/CTX117751http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsm25860http://www.digit-labs.org/files/exploits/dne2000-call.chttp://www.kb.cert.org/vuls/id/858993http://www.securityfocus.com/bid/29772http://www.vupen.com/english/advisories/2008/1865http://www.vupen.com/english/advisories/2008/1866http://www.vupen.com/english/advisories/2008/1867http://www.vupen.com/english/advisories/2008/1868https://exchange.xforce.ibmcloud.com/vulnerabilities/43153https://www.exploit-db.com/exploits/5837
2008-11-18
Published