Page 3 of 18 results (0.006 seconds)

CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0

Cisco VPN Client on Windows before 4.8.02.0010 allows local users to gain privileges by enabling the "Start Before Logon" (SBL) and Microsoft Dial-Up Networking options, and then interacting with the dial-up networking dialog box. Cisco VPN Client sobre Windows anterior a 4.8.02.0010 permite a usuarios locales obtener privilegios habilitando las opciones "Iniciar Antes del Inicio de Sesión" (Start Before Logon o SBL) y Conexión de Acceso Telefónico Remoto de Microsoft (Microsoft Dial-Up Networking), y después interactuando con el cuadro de diálogo de conexión de acceso remoto. • http://secunia.com/advisories/26459 http://securitytracker.com/id?1018573 http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml http://www.securityfocus.com/bid/25332 http://www.vupen.com/english/advisories/2007/2903 https://exchange.xforce.ibmcloud.com/vulnerabilities/36029 •

CVSS: 7.2EPSS: 0%CPEs: 9EXPL: 0

Unspecified vulnerability in the VPN Client for Windows Graphical User Interface (GUI) (aka the VPN client dialer) in Cisco VPN Client for Windows 4.8.00.* and earlier, except for 4.7.00.0533, allows local authenticated, interactive users to gain privileges, possibly due to privileges of dialog boxes, aka bug ID CSCsd79265. • http://secunia.com/advisories/20261 http://securitytracker.com/id?1016156 http://www.cisco.com/en/US/products/products_security_advisory09186a008069a323.shtml http://www.osvdb.org/25888 http://www.securityfocus.com/bid/18094 http://www.vupen.com/english/advisories/2006/1964 https://exchange.xforce.ibmcloud.com/vulnerabilities/26632 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS). • http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml http://www.securityfocus.com/bid/5649 https://exchange.xforce.ibmcloud.com/vulnerabilities/10042 •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, does not properly verify that certificate DN fields match those of the certificate from the VPN Concentrator, which allows remote attackers to conduct man-in-the-middle attacks. • http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml http://www.securityfocus.com/bid/5652 https://exchange.xforce.ibmcloud.com/vulnerabilities/10045 •

CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0

Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing. • http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml http://www.securityfocus.com/bid/5653 https://exchange.xforce.ibmcloud.com/vulnerabilities/10046 •