34 matches found
EUVD-2007-1062
Malware in sbrugna...
EUVD-2007-1064
Malware in sbrugna...
EUVD-2007-1061
Malware in sbrugna...
EUVD-2007-3176
Malware in sbrugna...
CVE-2022-33716
An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attacker to read uninitialized memory...
CVE-2007-3184
Cisco Trust Agent CTA before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server ACS produces a user notification message after posture...
Authentication flaw
Cisco Trust Agent CTA before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server ACS produces a user notification message after posture...
CVE-2007-3184
Cisco Trust Agent (CTA) for Mac OS X prior to 2.1(104).0 is vulnerable to a local, unauthenticated attack with physical access: when the ACS prompts a user notification after posture validation, an attacker can interact with the Apple Menu to bypass authentication and access System Preferences wi...
CVE-2007-3184
Cisco Trust Agent CTA before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server ACS produces a user notification message after posture...
Cisco Trust Agent for Mac OS X privilege escalation
It's possible to manipulate system settings with root permissions while message is displayed during user logon...
Cisco Trust Agent Vulnerability
Vulnerability: There is a vulnerability affecting the latest version v2.1.103.0 of the Cisco Trust Agent software for MacOS X that can allow an individual with physical access to an endpoint to bypass authentication and gain administrative access to the local machine. Description: When Cisco Secu...
Cisco Trust Agent Local Privilege Escalation Vulnerability
Cisco Trust Agent versions 2.1103 and prior contain a vulnerability when running on Apple Mac OS X that could allow an unauthenticated, local user to bypass security restrictions and gain unauthorized access to the affected system. This vulnerability exists due to improper display of user...
CVE-2007-1800
Cisco Secure ACS does not require authentication when Cisco Trust Agent CTA transmits posture information, which might allow remote attackers to gain network access via a spoofed Network Endpoint Assessment posture, aka "NACATTACK." NOTE: this attack might be limited to authenticated users and...
Design/Logic Flaw
Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deployed, and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists DACL for the connection client GUI, whic...
Authentication flaw
The 1 TTLS CHAP, 2 TTLS MSCHAP, 3 TTLS MSCHAPv2, 4 TTLS PAP, 5 MD5, 6 GTC, 7 LEAP, 8 PEAP MSCHAPv2, 9 PEAP GTC, and 10 FAST authentication methods in Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deploye...
CVE-2007-1067
Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deployed, and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors...
CVE-2007-1065
Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deployed, and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka...
Design/Logic Flaw
Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deployed, and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors...
CVE-2007-1064
Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deployed, and the Meetinghouse AEGIS SecureConnect Client do not drop privileges when the help facility in the supplicant GUI is invoked, which allows local...
CVE-2007-1066
Cisco Secure Services Client CSSC 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent CSA 5.0 and 5.1 when a vulnerable Trust Agent has been deployed, and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists DACL for the connection client GUI, whic...