Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2679

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2006-2679
Last Modified 07 Mar 2011 09:36:45
Published 31 May 2006 06:06:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-2679

Summary

Unspecified vulnerability in the VPN Client for Windows Graphical User Interface (GUI) (aka the VPN client dialer) in Cisco VPN Client for Windows 4.8.00.* and earlier, except for 4.7.00.0533, allows local authenticated, interactive users to gain privileges, possibly due to privileges of dialog boxes, aka bug ID CSCsd79265.

Vulnerable Systems

Application

  • Cisco Vpn Client 2.0

  • Cisco Vpn Client 3.0

  • Cisco Vpn Client 3.0.5

  • Cisco Vpn Client 3.1

  • Cisco Vpn Client 3.5.1

  • Cisco Vpn Client 3.5.1c

  • Cisco Vpn Client 3.5.2

  • Cisco Vpn Client 4.7.00.0000

  • Cisco Vpn Client 4.8.00.0000


References

CISCO - 20060524 Windows VPN Client Local Privilege Escalation Vulnerability

SECTRACK - 1016156

SECUNIA - 20261

XF - cisco-winvpn-privilege-escalation(26632)

VUPEN - ADV-2006-1964

BID - 18094

OSVDB - 25888


Last Updated: 27 May 2016 10:42:42