Cisco 802.1X Authentication Deployment Products Multiple Vulnerabilities
BID:22648
Info
Cisco 802.1X Authentication Deployment Products Multiple Vulnerabilities
| Bugtraq ID: | 22648 |
| Class: | Design Error |
| CVE: |
CVE-2007-1065 CVE-2007-1066 CVE-2007-1067 CVE-2007-1068 CVE-2007-1064 |
| Remote: | No |
| Local: | Yes |
| Published: | Feb 21 2007 12:00AM |
| Updated: | Jul 06 2016 02:40PM |
| Credit: | These vulnerabilities were reported by the vendor. |
| Vulnerable: |
Cisco Trust Agent 2.0 Cisco Trust Agent 1.0 Cisco Security Agent 5.1 Cisco Security Agent 5.0 Cisco Secure Services Client (SSC) 4.0 Cisco Meetinghouse AEGIS SecureConnect Client 0 |
| Not Vulnerable: | |
Discussion
Cisco 802.1X Authentication Deployment Products Multiple Vulnerabilities
Cisco CSSC and CTA products are prone to an information-disclosure issue and multiple privilege-escalation vulnerabilities because of design flaws in the software.
Exploiting these issues allows local attackers to access sensitive information and to elevate their privileges on affected computers.
Cisco CSSC and CTA products are prone to an information-disclosure issue and multiple privilege-escalation vulnerabilities because of design flaws in the software.
Exploiting these issues allows local attackers to access sensitive information and to elevate their privileges on affected computers.
Exploit / POC
Cisco 802.1X Authentication Deployment Products Multiple Vulnerabilities
Some of these issues do not require exploit code.
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Some of these issues do not require exploit code.
Currently we are not aware of any exploits for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Cisco 802.1X Authentication Deployment Products Multiple Vulnerabilities
Solution:
Cisco has released advisories along with fixes to address these issues. Please see the referenced advisories for information on obtaining and applying fixes.
A fix for Cisco Bug ID http://intellishield.cisco.com/security/alertmanager/cvss?vector=AV:L/AC:L/Au:NR/C:P/I:N/A:N/B:N/E:F/RL:O/RC:C has been provided; please see the updated original advisory for details.
Solution:
Cisco has released advisories along with fixes to address these issues. Please see the referenced advisories for information on obtaining and applying fixes.
A fix for Cisco Bug ID http://intellishield.cisco.com/security/alertmanager/cvss?vector=AV:L/AC:L/Au:NR/C:P/I:N/A:N/B:N/E:F/RL:O/RC:C has been provided; please see the updated original advisory for details.
References
Cisco 802.1X Authentication Deployment Products Multiple Vulnerabilities
References:
References:
- Cisco Secure Desktop Homepage (Cisco)
- Cisco Security Advisory: Multiple Vulnerabilities in 802.1X Supplicant (Cisco Systems Product Security Incident Response Team
- Cisco Security Advisory: Multiple Vulnerabilities in 802.1X Supplicant (Cisco)