CVE-2007-4415
CVE-2007-4415
Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://secunia.com/advisories/26459http://securityreason.com/securityalert/3023http://securitytracker.com/id?1018573https://exchange.xforce.ibmcloud.com/vulnerabilities/36032http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtmlhttp://www.securityfocus.com/archive/1/476812/100/0/threadedhttp://www.securityfocus.com/bid/25332http://www.vupen.com/english/advisories/2007/2903