Описание
Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe.
Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-4415
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36032
- http://secunia.com/advisories/26459
- http://securityreason.com/securityalert/3023
- http://securitytracker.com/id?1018573
- http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml
- http://www.securityfocus.com/archive/1/476812/100/0/threaded
- http://www.securityfocus.com/bid/25332
- http://www.vupen.com/english/advisories/2007/2903
EPSS
Процентиль: 14%
0.00047
Низкий
CVE ID
Связанные уязвимости
nvd
больше 18 лет назад
Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe.
EPSS
Процентиль: 14%
0.00047
Низкий