EUVD-2007-4398

Malware in sbrugna...

Cisco VPN Client cvpnd.exe Privilege Escalation

The Cisco VPN client installed on the remote host has a privilege escalation vulnerability. cvpnd.exe, which is executed by the Cisco VPN Service, has insecure permissions. A local attacker could replace this file with arbitrary code, which would later be executed by the Cisco VPN Service,...

Windows平台的Cisco VPN客户端多个本地权限提升漏洞

BUGTRAQ ID: 25332 Cisco VPN客户端允许用户创建到支持Cisco VPN设备的IPSec VPN隧道。 Microsoft Windows的Cisco VPN客户端中存在两个漏洞，允许本地非特权用户提升权限。 1. 通过Microsoft Windows拨号网络接口的本地权限提升 非特权用户可以通过启用Start Before Logon（SBL）功能并配置VPN配置使用Microsoft拨号网络接口将权限提升到LocalSystem帐号用户的权限。如果同时启用并配置了这两个设置，就可以在Windows登录窗口中使用Cisco...

Code injection

Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield IS release, uses weak permissions for cvpnd.exe Modify granted to Interactive Users, which allows local users to gain privileges via a modified cvpnd.exe...