CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2007-1066
https://notcve.org/view.php?id=CVE-2007-1066
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists (DACL) for the connection client GUI, which allows local users to gain privileges by injecting "a thread under ConnectionClient.exe," aka CSCsg20558. Cisco Secure Services Client (CSSC) versiones 4.x, Trust Agent versiones 1.x y 2.x, Cisco Security Agent (CSA) versiones 5.0 y 5.1 (cuando ha sido desplegado un Trust Agent vulnerable), y el Meetinghouse AEGIS SecureConnect Client, usan una Discretionary Access Control Lists (DACL) predeterminada y no segura para la interfaz gráfica de usuario (GUI) de conexión cliente, lo que permite a usuarios locales alcanzar privilegios inyectando "a thread under ConnectionClient.exe," también se conoce como CSCsg20558. • http://osvdb.org/33047 http://secunia.com/advisories/24258 http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml http://www.securityfocus.com/bid/22648 http://www.securitytracker.com/id?1017683 http://www.securitytracker.com/id?1017684 http://www.vupen.com/english/advisories/2007/0690 https://exchange.xforce.ibmcloud.com/vulnerabilities/32625 •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2007-1067
https://notcve.org/view.php?id=CVE-2007-1067
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors, aka CSCsh30624. Cisco Secure Services Client (CSSC) versiones 4.x, Trust Agent versiones 1.x y 2.x, Cisco Security Agent (CSA) versiones 5.0 y 5.1 (cuando ha sido implementado un Trust Agent vulnerable), y el Meetinghouse AEGIS SecureConnect Client, no analizan apropiadamente los comandos, lo que permite a usuarios locales alcanzar privilegios por medio de vectores no especificados, también se conoce como CSCsh30624. • http://osvdb.org/33045 http://secunia.com/advisories/24258 http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml http://www.securityfocus.com/bid/22648 http://www.securitytracker.com/id?1017683 http://www.securitytracker.com/id?1017684 http://www.vupen.com/english/advisories/2007/0690 https://exchange.xforce.ibmcloud.com/vulnerabilities/32624 •
CVSS: 7.5EPSS: 14%CPEs: 1EXPL: 0CVE-2006-5660
https://notcve.org/view.php?id=CVE-2006-5660
Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server. Cisco Security Agent Management Center (CSAMC) 5.1 versiones anteriores a 5.1.0.79 no gestiona apropiadamente errores concretos LDAP, que permite a atacantes remotos evitar requerimientos de autenticación mediante una clave vacía al utilizar un servidor LDAP externo. • http://secunia.com/advisories/22684 http://securitytracker.com/id?1017148 http://www.cisco.com/en/US/products/products_security_advisory09186a00807726f7.shtml http://www.kb.cert.org/vuls/id/778648 http://www.osvdb.org/30169 http://www.securityfocus.com/bid/20852 http://www.vupen.com/english/advisories/2006/4308 https://exchange.xforce.ibmcloud.com/vulnerabilities/29955 •
CVSS: 7.8EPSS: 2%CPEs: 11EXPL: 0CVE-2006-5553
https://notcve.org/view.php?id=CVE-2006-5553
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options. Cisco Security Agent (CSA) para Linux 4.5 anteriores a 4.5.1.657 y 5.0 anteriores a 5.0.0.193, tal y como se usan en Unified CallManager (CUCM) y Unified Presence Server (CUPS), permite a atacantes remotos provocar una denegación de servicio (resource consumption) mediante una exploración de puertos con opciones concretas. • http://secunia.com/advisories/22574 http://securitytracker.com/id?1017118 http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml http://www.osvdb.org/30055 http://www.securityfocus.com/bid/20737 http://www.vupen.com/english/advisories/2006/4198 https://exchange.xforce.ibmcloud.com/vulnerabilities/29829 •
CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2005-3886
https://notcve.org/view.php?id=CVE-2005-3886
Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Windows systems, allows local users to bypass protections and gain system privileges by executing certain local software. • http://secunia.com/advisories/17815 http://securityreason.com/securityalert/224 http://securitytracker.com/id?1015283 http://www.cisco.com/warp/public/707/cisco-sa-20051129-csa.shtml http://www.securityfocus.com/bid/15618 http://www.vupen.com/english/advisories/2005/2655 •