This script is Copyright (C) 2016 Tenable Network Security, Inc.
The VPN client installed on the remote Windows host is affected by a
local privilege escalation vulnerability.
The version of the Cisco VPN client installed on the remote host
is 5.x prior or equal to 5.0.07.0440. It is, therefore, affected by a
flaw due to insecure permissions for file vpnclient.ini. A local
attacker can exploit this, by inserting an arbitrary program name in
the Command field of the ApplicationLauncher section of that file, to
execute arbitrary code with elevated privileges.
See also :
This software is no longer supported. Contact the vendor for options.
Risk factor :
High / CVSS Base Score : 7.2
CVSS Temporal Score : 6.8
Public Exploit Available : true