Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2678

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2011-2678
Last Modified 21 Sep 2011 11:32:10
Published 07 Jul 2011 03:55:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2011-2678

Summary

The Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows platforms uses weak permissions (NT AUTHORITY\INTERACTIVE:F) for cvpnd.exe, which allows local users to gain privileges by replacing this executable file with an arbitrary program, aka Bug ID CSCtn50645. NOTE: this vulnerability exists because of a CVE-2007-4415 regression.

Vulnerable Systems

Application

  • Cisco Vpn Client 5.0.7.0240

  • Cisco Vpn Client 5.0.7.0290


References

XF - cisco-vpn-cvpnd-priv-esc(68485)

BUGTRAQ - 20110628 NGS00051 Technical Advisory: Cisco VPN Client Privilege Escalation

CISCO - 20070815 Local Privilege Escalation Vulnerabilities in Cisco VPN Client

SREASON - 8297

MISC - http://isc.sans.edu/diary.html?storyid=11125


Last Updated: 27 May 2016 10:57:04