Cisco Security Advisory: Windows VPN Client Local Privilege Escalation Vulnerability
SummaryMore details on this vulnerability can be found here.
The Cisco VPN Client for Windows is affected by a local privilege escalation vulnerability that allows non-privileged users to gain administrative privileges.
A user needs to authenticate and start an interactive Windows session to be able to exploit this vulnerability.
Affected/Vulnerable Products
The following versions of the Cisco VPN Client for Windows (excluding Windows 9x users) are affected:
2.x
3.x
4.0.x
4.6.x
4.7.x with the exception of version 4.7.00.0533
4.8.00.x
This vulnerability is fixed in version 4.8.01.0300 of the Cisco VPN Client for Windows, which can be downloaded from the following location:
http://www.cisco.com/pcgi-bin/tablebuild.pl/windows (registered customers only)
posted by Fergie @ 5/24/2006 10:59:00 AM
0 Comments:
Post a Comment
<< Home