Cisco Secure Desktop Multiple Vulnerabilities
BID:20964
Info
Cisco Secure Desktop Multiple Vulnerabilities
| Bugtraq ID: | 20964 |
| Class: | Design Error |
| CVE: |
CVE-2006-5807 CVE-2006-5808 CVE-2006-5806 |
| Remote: | No |
| Local: | Yes |
| Published: | Nov 08 2006 12:00AM |
| Updated: | Feb 22 2007 03:46PM |
| Credit: | These vulnerabilities were reported by Titon of Bastard Labs and the vendor. |
| Vulnerable: |
Cisco Secure Desktop 3.1.1 Cisco Secure Desktop 3.1.1.33 Cisco Secure Desktop 3.1 |
| Not Vulnerable: |
Cisco Secure Desktop 3.1.1.45 |
Discussion
Cisco Secure Desktop Multiple Vulnerabilities
Cisco Secure Desktop is susceptible to multiple vulnerabilities. These issues are due to design flaws in the application.
Exploiting these issues allows local attackers to evade application security policies, to access sensitive information, and to gain local system privileges on affected computers.
These vulnerabilities affect Cisco Secure Desktop version 3.1.1.33 and prior.
Cisco Secure Desktop is susceptible to multiple vulnerabilities. These issues are due to design flaws in the application.
Exploiting these issues allows local attackers to evade application security policies, to access sensitive information, and to gain local system privileges on affected computers.
These vulnerabilities affect Cisco Secure Desktop version 3.1.1.33 and prior.
Exploit / POC
Cisco Secure Desktop Multiple Vulnerabilities
An exploit is not required.
An exploit is not required.
Solution / Fix
Cisco Secure Desktop Multiple Vulnerabilities
Solution:
Cisco has released an advisory along with fixes to address this issue. Please see the referenced advisory for information on obtaining and applying fixes.
Solution:
Cisco has released an advisory along with fixes to address this issue. Please see the referenced advisory for information on obtaining and applying fixes.
References
Cisco Secure Desktop Multiple Vulnerabilities
References:
References:
- Cisco Secure Desktop Homepage (Cisco)
- Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Desktop (Cisco Systems Product Security Incident Response Team
) - iDefense Security Advisory 11.08.06: Cisco Secure Desktop Privilege Escalation V (iDefense Labs
) - Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Desktop (Cisco)