CVE-2007-1064

Currently unrated

Key Information:

Vendor: Cisco
Status: Trust Agent; Security Agent; Secure Services Client; Aegis Secureconnect Client
Vendor: CVE Published:; 22 February 2007

Summary

Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not drop privileges when the help facility in the supplicant GUI is invoked, which allows local users to gain privileges, aka CSCsf14120.

References

http://secunia.com/advisories/24258

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2007/0690

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/bid/22648

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Feb 22, 2007
Vulnerability Reserved
Feb 21, 2007