CVE-2007-1066
https://notcve.org/view.php?id=CVE-2007-1066
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists (DACL) for the connection client GUI, which allows local users to gain privileges by injecting "a thread under ConnectionClient.exe," aka CSCsg20558. Cisco Secure Services Client (CSSC) versiones 4.x, Trust Agent versiones 1.x y 2.x, Cisco Security Agent (CSA) versiones 5.0 y 5.1 (cuando ha sido desplegado un Trust Agent vulnerable), y el Meetinghouse AEGIS SecureConnect Client, usan una Discretionary Access Control Lists (DACL) predeterminada y no segura para la interfaz gráfica de usuario (GUI) de conexión cliente, lo que permite a usuarios locales alcanzar privilegios inyectando "a thread under ConnectionClient.exe," también se conoce como CSCsg20558. • http://osvdb.org/33047 http://secunia.com/advisories/24258 http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml http://www.securityfocus.com/bid/22648 http://www.securitytracker.com/id?1017683 http://www.securitytracker.com/id?1017684 http://www.vupen.com/english/advisories/2007/0690 https://exchange.xforce.ibmcloud.com/vulnerabilities/32625 •
CVE-2007-1067
https://notcve.org/view.php?id=CVE-2007-1067
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors, aka CSCsh30624. Cisco Secure Services Client (CSSC) versiones 4.x, Trust Agent versiones 1.x y 2.x, Cisco Security Agent (CSA) versiones 5.0 y 5.1 (cuando ha sido implementado un Trust Agent vulnerable), y el Meetinghouse AEGIS SecureConnect Client, no analizan apropiadamente los comandos, lo que permite a usuarios locales alcanzar privilegios por medio de vectores no especificados, también se conoce como CSCsh30624. • http://osvdb.org/33045 http://secunia.com/advisories/24258 http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml http://www.securityfocus.com/bid/22648 http://www.securitytracker.com/id?1017683 http://www.securitytracker.com/id?1017684 http://www.vupen.com/english/advisories/2007/0690 https://exchange.xforce.ibmcloud.com/vulnerabilities/32624 •
CVE-2006-5553
https://notcve.org/view.php?id=CVE-2006-5553
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options. Cisco Security Agent (CSA) para Linux 4.5 anteriores a 4.5.1.657 y 5.0 anteriores a 5.0.0.193, tal y como se usan en Unified CallManager (CUCM) y Unified Presence Server (CUPS), permite a atacantes remotos provocar una denegación de servicio (resource consumption) mediante una exploración de puertos con opciones concretas. • http://secunia.com/advisories/22574 http://securitytracker.com/id?1017118 http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml http://www.osvdb.org/30055 http://www.securityfocus.com/bid/20737 http://www.vupen.com/english/advisories/2006/4198 https://exchange.xforce.ibmcloud.com/vulnerabilities/29829 •
CVE-2005-0356 – TCP TIMESTAMPS - Denial of Service
https://notcve.org/view.php?id=CVE-2005-0356
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. • https://www.exploit-db.com/exploits/1008 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:15.tcp.asc ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.64/SCOSA-2005.64.txt http://secunia.com/advisories/15393 http://secunia.com/advisories/15417 http://secunia.com/advisories/18222 http://secunia.com/advisories/18662 http://support.avaya.com/elmodocs2/security/ASA-2006-032.htm http://www.cisco.com/warp/public/707/cisco-sn-20050518-tcpts.shtml http:/& •