Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka CSCsf15836.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Secure_services_client | Cisco | 4.0 (including) | 4.0 (including) |
| Secure_services_client | Cisco | 4.0.5 (including) | 4.0.5 (including) |
| Secure_services_client | Cisco | 4.0.51 (including) | 4.0.51 (including) |
| Security_agent | Cisco | 5.0 (including) | 5.0 (including) |
| Security_agent | Cisco | 5.1 (including) | 5.1 (including) |
| Trust_agent | Cisco | 1.0 (including) | 1.0 (including) |
| Trust_agent | Cisco | 2.0 (including) | 2.0 (including) |
| Trust_agent | Cisco | 2.0.1 (including) | 2.0.1 (including) |
| Trust_agent | Cisco | 2.1 (including) | 2.1 (including) |
| Aegis_secureconnect_client | Meetinghouse | windows_platform (including) | windows_platform (including) |
References
- http://osvdb.org/33048
- http://secunia.com/advisories/24258
- http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml
- http://www.securityfocus.com/bid/22648
- http://www.securitytracker.com/id?1017683
- http://www.securitytracker.com/id?1017684
- http://www.vupen.com/english/advisories/2007/0690
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32622
- http://osvdb.org/33048
- http://secunia.com/advisories/24258
- http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml
- http://www.securityfocus.com/bid/22648
- http://www.securitytracker.com/id?1017683
- http://www.securitytracker.com/id?1017684
- http://www.vupen.com/english/advisories/2007/0690
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32622