BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Local privilege escalation vulnerability in Cisco VPN client Aug 16 2007 09:48AM
NGSSoftware Insight Security Research (nisr ngssoftware com)
=======
Summary
=======
Name: Permissively-ACLed cvpnd.exe allows interactive users to run
arbitrary binaries with Local System Privileges
Release Date: 16 August 2007
Reference: NGS00503
Discover: Dominic Beecher <dominic (at) ngssoftware (dot) com [email concealed]>
Vendor: Cisco
Vendor Reference: cisco-sa-20070815-vpnclient
...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus