28 June 2011

ISC Diary | Deja-Vu: Cisco VPN Windows Client Privilege Escalation


Published: 2011-06-28,
Last Updated: 2011-06-28 20:14:39 UTC
by Johannes Ullrich (Version: 1)


Earlier today, Cisco released a bulletin regarding a vulnerability in the Cisco VPN client for Windows 7. The vulnerability is pretty simple: the client runs as a service, and all users logged in interactively have full access to the executable. A user could replace the executable, restart the system, and have the replacement run under the LocalSystem account.

The fix is pretty simple: Revoke the access rights for interactive users.
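An audit check for this condition, as an added example rather than code from the diary or from Cisco: it parses `icacls` output for a service executable and reports allow entries that give broad user groups write-level access. The path, the sample `icacls` output and the function name are constructed for illustration, and the group names assume an English-language Windows install.

```python
import re

# Well-known groups that contain ordinary logged-on users (English names, upper-cased).
BROAD = {r"NT AUTHORITY\INTERACTIVE", r"NT AUTHORITY\AUTHENTICATED USERS",
         r"BUILTIN\USERS", "EVERYONE"}
# icacls rights that let the holder overwrite the file or rewrite its ACL.
WRITE = {"F", "M", "W", "WD", "AD", "WDAC", "WO", "GW", "GA"}
ACE = re.compile(r"^(?P<who>[^:]+):(?P<groups>(?:\([^)]*\))+)$")

# Hypothetical service binary and constructed icacls output (not from the advisory).
PATH = r"C:\Program Files\ExampleVPN\vpnsvc.exe"
BEFORE = PATH + r""" NT AUTHORITY\INTERACTIVE:(F)
    NT AUTHORITY\SYSTEM:(F)
    BUILTIN\Administrators:(F)

Successfully processed 1 files; Failed processing 0 files"""
AFTER = PATH + r""" NT AUTHORITY\SYSTEM:(I)(F)
    BUILTIN\Administrators:(I)(F)
    BUILTIN\Users:(I)(RX)"""

def risky_aces(path, icacls_output):
    """Return [(principal, rights)] for allow-ACEs giving BROAD groups write access."""
    found = []
    for line in icacls_output.splitlines():
        line = line.strip()
        if line.lower().startswith(path.lower()):
            line = line[len(path):].strip()   # first line is "<path> <ACE>"
        m = ACE.match(line)
        if not m:
            continue                          # blank line or icacls summary line
        groups = re.findall(r"\(([^)]*)\)", m["groups"])
        if "DENY" in groups:
            continue                          # deny entries grant nothing
        # Inheritance flags such as I, OI, CI never intersect WRITE.
        rights = {r for g in groups for r in g.split(",")}
        hit = rights & WRITE
        if hit and m["who"].upper() in BROAD:
            found.append((m["who"], sorted(hit)))
    return found

if __name__ == "__main__":
    for label, text in (("before fix", BEFORE), ("after fix", AFTER)):
        print(label, risky_aces(PATH, text))
```

On a real host, feed it the output of `icacls` for each service's executable path; an empty result corresponds to the fixed state described above.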

The interesting part: NGS Secure Research found the vulnerability and released the details after Cisco released the patch [1]. The vulnerability is almost identical to one found in 2007 by the same company in the same product [2].

Very sad at times how some vendors don't learn. Lucky that at least companies like NGS appear to be doing some of the QA for them.

[1] http://www.securityfocus.com/archive/1/518638
[2] http://www.securityfocus.com/archive/1/476812

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute

Keywords: cisco vpn