Vulnerabilities > CVE-2006-2679 - Local Privilege Escalation vulnerability in Cisco VPN Client
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in the VPN Client for Windows Graphical User Interface (GUI) (aka the VPN client dialer) in Cisco VPN Client for Windows 4.8.00.* and earlier, except for 4.7.00.0533, allows local authenticated, interactive users to gain privileges, possibly due to privileges of dialog boxes, aka bug ID CSCsd79265.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 9 |
Nessus
NASL family | Windows |
NASL id | CISCO_VPN_CLIENT_PRIV_ESCALATION.NASL |
description | The installed Cisco VPN Client version is prone to a privilege escalation attack. By using the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 25550 |
published | 2007-06-20 |
reporter | This script is Copyright (C) 2007-2018 Ferdy Riphagen |
source | https://www.tenable.com/plugins/nessus/25550 |
title | Cisco VPN Client Dialer Local Privilege Escalation |
code |
|
References
- http://secunia.com/advisories/20261
- http://securitytracker.com/id?1016156
- http://www.cisco.com/en/US/products/products_security_advisory09186a008069a323.shtml
- http://www.osvdb.org/25888
- http://www.securityfocus.com/bid/18094
- http://www.vupen.com/english/advisories/2006/1964
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26632