Privilege Escalation Vulnerability in Cisco Secure Services Client and Trust Agent
CVE-2007-1067

Currently unrated

Key Information:

Vendor: Cisco
Status: Trust Agent; Security Agent; Aegis Secureconnect Client; Secure Services Client
Vendor: CVE Published:; 22 February 2007

Summary

The Cisco Secure Services Client (CSSC) versions 4.x, along with Trust Agent versions 1.x and 2.x, and Cisco Security Agent versions 5.0 and 5.1, are vulnerable due to improper command parsing. This flaw allows local users to exploit unspecified vectors to gain elevated privileges, potentially compromising system integrity. Additionally, the Meetinghouse AEGIS SecureConnect Client is affected, presenting a risk to environments relying on these technologies. It is essential for users to apply the latest patches and updates to mitigate potential security breaches.

References

http://secunia.com/advisories/24258

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/33045

vdb-entryx_refsource_OSVDB

https://exchange.xforce.ibmcloud.com/vulnerabilities/32624

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Feb 22, 2007
Vulnerability Reserved
Feb 21, 2007