Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 22/02/2007 Updated: 29/07/2017

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, (5) MD5, (6) GTC, (7) LEAP, (8) PEAP MSCHAPv2, (9) PEAP GTC, and (10) FAST authentication methods in Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client store transmitted authentication credentials in plaintext log files, which allows local users to obtain sensitive information by reading these files, aka CSCsg34423.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco secure services client 4.0.51
cisco security agent 5.0
cisco trust agent 2.0
cisco trust agent 2.0.1
cisco secure services client 4.0
cisco secure services client 4.0.5
cisco trust agent 2.1
meetinghouse aegis secureconnect client windows_platform
cisco security agent 5.1
cisco trust agent 1.0

CWE-255 http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml http://www.securityfocus.com/bid/22648 http://www.securitytracker.com/id?1017683 http://www.securitytracker.com/id?1017684 http://secunia.com/advisories/24258 http://osvdb.org/33046 http://www.vupen.com/english/advisories/2007/0690 https://exchange.xforce.ibmcloud.com/vulnerabilities/32626 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-1068

Vulnerability Summary

References

Vulmon Search

About

Products

Connect