CVE-2011-2678 - The Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows platforms uses weak permissions (NT

CVE-2011-2678

Summary

The Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows platforms uses weak permissions (NT AUTHORITY\INTERACTIVE:F) for cvpnd.exe, which allows local users to gain privileges by replacing this executable file with an arbitrary program, aka Bug ID CSCtn50645. NOTE: this vulnerability exists because of a CVE-2007-4415 regression.

References

Vulnerable Configurations

cpe:2.3:a:cisco:vpn_client:5.0.7.0240:*:*:*:*:*:*:*
cpe:2.3:a:cisco:vpn_client:5.0.7.0240:*:*:*:*:*:*:*
cpe:2.3:a:cisco:vpn_client:5.0.7.0290:*:*:*:*:*:*:*
cpe:2.3:a:cisco:vpn_client:5.0.7.0290:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 09-10-2018 - 19:32)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:S/C:C/I:C/A:C

refmap via4

bugtraq	20110628 NGS00051 Technical Advisory: Cisco VPN Client Privilege Escalation
cisco	20070815 Local Privilege Escalation Vulnerabilities in Cisco VPN Client
misc	http://isc.sans.edu/diary.html?storyid=11125
sreason	8297
xf	cisco-vpn-cvpnd-priv-esc(68485)

Last major update

09-10-2018 - 19:32

Published

07-07-2011 - 19:55

Last modified

09-10-2018 - 19:32