Cisco VPN Client 5.x up to and including 5.0.07.0440 uses weak permissions for vpnclient.ini, which allows local users to gain privileges by entering an arbitrary program name in the Command field of the ApplicationLauncher section.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco vpn client 5.0.04.0300 |
||
cisco vpn client 5.0.05.0290 |
||
cisco vpn client 5.0.06.0160 |
||
cisco vpn client 5.0.07.0290 |
||
cisco vpn client 5.0.07.0410 |
||
cisco vpn client 5.0.01.0600 |
||
cisco vpn client 5.0.03.0530 |
||
cisco vpn client 5.0.07.0440 |
||
cisco vpn client 5.0.2.0090 |
||
cisco vpn client 5.0 |
||
cisco vpn client 5.0.01 |
||
cisco vpn client 5.0.6 |
||
cisco vpn client 5.0.7 |
||
cisco vpn client 5.0.7.0240 |
||
cisco vpn client 5.0.7.0290 |
||
cisco vpn client 5.0.02.0090 |
||
cisco vpn client 5.0.03.0560 |
||
cisco vpn client 5.0.2 |
||
cisco vpn client 5.0.5 |
||
cisco vpn client 5.0.7.0440 |