• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cisco VPN Client for Windows Multiple Local Privilege Escalation Vulnerabilities

Bugtraq ID:	25332
Class:	Unknown
CVE:
Remote:	No
Local:	Yes
Published:	Aug 15 2007 12:00AM
Updated:	Aug 16 2007 05:13PM
Credit:	A customer reported the Dial-Up Networking issue to the vendor. Dominic Beecher of Next Generation Security Software Ltd. reported the 'cvpnd.exe' issue to the vendor, and provided them with a workaround.
Vulnerable:	Deerfield MDaemon 0 Cisco VPN Client for Windows 5.0.1 Cisco VPN Client for Windows 4.8.2 Cisco VPN Client for Windows 4.8.1 Cisco VPN Client for Windows 4.8 Cisco VPN Client for Windows 4.7 .0533 Cisco VPN Client for Windows 4.0.2 C Cisco VPN Client for Windows 4.0.2 A Cisco VPN Client for Windows 3.6.1 Cisco VPN Client for Windows 3.6 (Rel) Cisco VPN Client for Windows 3.6 Cisco VPN Client for Windows 3.5.4 Cisco VPN Client for Windows 3.5.2 B Cisco VPN Client for Windows 3.5.2 Cisco VPN Client for Windows 3.5.1 C Cisco VPN Client for Windows 3.5.1 Cisco VPN Client for Windows 3.1 Cisco VPN Client for Windows 3.0.5 Cisco VPN Client for Windows 3.0 Cisco VPN Client for Windows 2.0 Cisco VPN Client for Windows 4.7 Cisco VPN Client for Windows 4.6
Not Vulnerable:	Cisco VPN Client for Windows 5.0.1 .0600 Cisco VPN Client for Windows 4.8.2 .0010