CVE-2007-4415
N/A
N/A
Summary
Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/archive/1/476812/100/0/threaded
- http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml
- http://www.vupen.com/english/advisories/2007/2903
- http://securityreason.com/securityalert/3023
- http://secunia.com/advisories/26459
- http://www.securityfocus.com/bid/25332
- http://securitytracker.com/id?1018573
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36032
References
- http://www.securityfocus.com/archive/1/476812/100/0/threaded
- http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml
- http://www.vupen.com/english/advisories/2007/2903
- http://securityreason.com/securityalert/3023
- http://secunia.com/advisories/26459
- http://www.securityfocus.com/bid/25332
- http://securitytracker.com/id?1018573
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36032
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.