Cisco VPN Client for Windows Multiple Local Privilege Escalation Vulnerabilities

Bugtraq ID: 25332
Class: Unknown
CVE: CVE-2007-4415
CVE-2007-4414
Remote: No
Local: Yes
Published: Aug 15 2007 12:00AM
Updated: Jul 05 2016 10:00PM
Credit: A customer reported the Dial-Up Networking issue to the vendor. Dominic Beecher of Next Generation Security Software Ltd. reported the 'cvpnd.exe' issue to the vendor, and provided them with a workaround.
Vulnerable: Cisco VPN Client for Windows 5.0.1
Cisco VPN Client for Windows 4.8.2
Cisco VPN Client for Windows 4.8.1
Cisco VPN Client for Windows 4.8
Cisco VPN Client for Windows 4.7 .0533
Cisco VPN Client for Windows 4.0.2 C
Cisco VPN Client for Windows 4.0.2 A
Cisco VPN Client for Windows 3.6.1
Cisco VPN Client for Windows 3.6 (Rel)
Cisco VPN Client for Windows 3.6
Cisco VPN Client for Windows 3.5.4
Cisco VPN Client for Windows 3.5.2 B
Cisco VPN Client for Windows 3.5.2
Cisco VPN Client for Windows 3.5.1 C
Cisco VPN Client for Windows 3.5.1
Cisco VPN Client for Windows 3.1
Cisco VPN Client for Windows 3.0.5
Cisco VPN Client for Windows 3.0
Cisco VPN Client for Windows 2.0
Cisco VPN Client for Windows 4.7
Cisco VPN Client for Windows 4.6
Cisco VPN Client 0
Not Vulnerable: Cisco VPN Client for Windows 5.0.1 .0600
Cisco VPN Client for Windows 4.8.2 .0010


 

Privacy Statement
Copyright 2010, SecurityFocus