Local Privilege Escalation in Cisco Secure Desktop by Cisco
CVE-2006-5808

Currently unrated

Key Information:

Vendor: Cisco
Status: Secure Desktop
Vendor: CVE Published:; 8 November 2006

Summary

Cisco Secure Desktop versions prior to 3.1.1.45 are vulnerable due to insecure default permissions that allow all users full control over the CSD directory. This misconfiguration can enable local users to replace CSD executables, leading to unauthorized privilege escalation on the system. Organizations using affected versions must address this vulnerability by adjusting permissions and upgrading to a secure version.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/30128

vdb-entryx_refsource_XF

http://securitytracker.com/id?1017195

vdb-entryx_refsource_SECTRACK

http://labs.idefense.com/intelligence/vulnerabilities/dis...

third-party-advisoryx_refsource_IDEFENSE

Timeline

Vulnerability published
Nov 8, 2006
Vulnerability Reserved
Nov 8, 2006