Computer Security


Cisco AnyConnect privilege escalation
Published: 12.10.2015
Source:
SecurityVulns ID: 14721
Type: local
Threat Level: 5/10
Description: Privilege escalation via DLLs and DMG files.
Affected: CISCO : AnyConnect Secure Mobility Client 4.1
CVE: CVE-2015-6306 (Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947.)
 CVE-2015-6305 (Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 through 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211.)
Original document: Securify B.V., Cisco AnyConnect elevation of privileges via DLL side loading (12.10.2015)
 Securify B.V., Cisco AnyConnect elevation of privileges via DMG install script (12.10.2015)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod