CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1CVE-2019-6145
https://notcve.org/view.php?id=CVE-2019-6145
Forcepoint VPN Client for Windows versions lower than 6.6.1 have an unquoted search path vulnerability. This enables local privilege escalation to SYSTEM user. By default, only local administrators can write executables to the vulnerable directories. Forcepoint thanks Peleg Hadar of SafeBreach Labs for finding this vulnerability and for reporting it to us. Forcepoint VPN Client para Windows versiones anteriores a 6.6.1, presenta una vulnerabilidad de ruta de búsqueda sin comillas. • https://help.forcepoint.com/security/CVE/CVE-2019-6145.html https://safebreach.com/Post/Forcepoint-VPN-Client-for-Windows-Unquoted-Search-Path-and-Potential-Abuses-CVE-2019-6145 • CWE-428: Unquoted Search Path or Element •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 1CVE-2019-6724
https://notcve.org/view.php?id=CVE-2019-6724
The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS, and OpenBSD runs as a privileged process and can allow an unprivileged local attacker to load a malicious library, resulting in arbitrary code executing as root. El componente barracudavpn de Barracuda VPN Client, en versiones anteriores a la 5.0.2.7 para Linux, macOS y OpenBSD, se ejecuta como proceso privilegiado y puede permitir que un atacante local sin privilegios cargue una librería maliciosa, lo que resulta en la ejecución de código arbitrario como root. • http://campus.barracuda.com/product/networkaccessclient/doc/78154147/release-notes-barracuda-vpn-client-for-macos https://blog.mirch.io/2019/02/14/cve-2019-6724-barracuda-vpn-client-privilege-escalation-on-linux-and-macos https://campus.barracuda.com/product/networkaccessclient/doc/78154149/release-notes-barracuda-vpn-client-for-linux • CWE-426: Untrusted Search Path •
CVSS: 2.1EPSS: 0%CPEs: 21EXPL: 4CVE-2009-4118 – Cisco VPN Client - Integer Overflow Denial of Service
https://notcve.org/view.php?id=CVE-2009-4118
The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Windows before 5.0.06.0100 does not properly handle an ERROR_FAILED_SERVICE_CONTROLLER_CONNECT error, which allows local users to cause a denial of service (service crash and VPN connection loss) via a manual start of cvpnd.exe while the cvpnd service is running. La función StartServiceCtrlDispatcher en el servicio cvpnd (cvpnd.exe) del cliente Cisco VPN para Windows versiones anteriores a 5.0.06.0100 no maneja correctamente un error ERROR_FAILED_SERVICE_CONTROLLER_CONNECT, permitiendo que usuarios locales provoquen una denegación de servicio (parada del servicio y perdida de conexión VPN) mediante un inicio manual de cvpnd.exe mientras se está ejecutando el servicio cvpnd. • https://www.exploit-db.com/exploits/10190 https://github.com/alt3kx/CVE-2009-4118 http://packetstormsecurity.org/0911-exploits/sybsec-adv17.txt http://secunia.com/advisories/37419 http://tools.cisco.com/security/center/viewAlert.x?alertId=19445 http://www.securityfocus.com/bid/37077 http://www.vupen.com/english/advisories/2009/3296 •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-4415
https://notcve.org/view.php?id=CVE-2007-4415
Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe. Cisco VPN Client sobre Windows anterior a 5.0.01.0600, y la versión 5.0.01.0600 InstallShield (IS), utiliza permisos débiles para cvpnd.exe (modificando los privilegios en Interactive Users), lo cual permite a usuarios locales ganar privilegios a través de un cvpnd.exe modificado. • http://secunia.com/advisories/26459 http://securityreason.com/securityalert/3023 http://securitytracker.com/id?1018573 http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml http://www.securityfocus.com/archive/1/476812/100/0/threaded http://www.securityfocus.com/bid/25332 http://www.vupen.com/english/advisories/2007/2903 https://exchange.xforce.ibmcloud.com/vulnerabilities/36032 •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4414
https://notcve.org/view.php?id=CVE-2007-4414
Cisco VPN Client on Windows before 4.8.02.0010 allows local users to gain privileges by enabling the "Start Before Logon" (SBL) and Microsoft Dial-Up Networking options, and then interacting with the dial-up networking dialog box. Cisco VPN Client sobre Windows anterior a 4.8.02.0010 permite a usuarios locales obtener privilegios habilitando las opciones "Iniciar Antes del Inicio de Sesión" (Start Before Logon o SBL) y Conexión de Acceso Telefónico Remoto de Microsoft (Microsoft Dial-Up Networking), y después interactuando con el cuadro de diálogo de conexión de acceso remoto. • http://secunia.com/advisories/26459 http://securitytracker.com/id?1018573 http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml http://www.securityfocus.com/bid/25332 http://www.vupen.com/english/advisories/2007/2903 https://exchange.xforce.ibmcloud.com/vulnerabilities/36029 •