Cisco VPN Client Dialer Local Privilege Escalation

This script is Copyright (C) 2007-2013 Ferdy Riphagen

Synopsis :

The remote windows host contains an application that is affected by a
privilege escalation vulnerability.

Description :

The installed Cisco VPN Client version is prone to a privilege
escalation attack. By using the 'Start before logon' feature in the
VPN client dialer, a local attacker may gain privileges and execute
arbitrary commands with SYSTEM privileges.

See also :

Solution :

Upgrade to version or a later.

Risk factor :

Medium / CVSS Base Score : 6.5
CVSS Temporal Score : 5.5
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 25550 (cisco_vpn_client_priv_escalation.nasl)

Bugtraq ID: 18094

CVE ID: CVE-2006-2679

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now