4.6

CVE-2006-5808

The installation of Cisco Secure Desktop (CSD) before 3.1.1.45 uses insecure default permissions (all users full control) for the CSD directory and its parent directory, which allow local users to gain privileges by replacing CSD executables, aka "Local Privilege Escalation".
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
CiscoSecure Desktop Version <= 3.1.1.33
CiscoSecure Desktop Version3.1.1.27
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.36% 0.274
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.6 3.9 6.4
AV:L/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/22747
http://securitytracker.com/id?1017195
http://www.cisco.com/warp/public/707/cisco-sa-20061108-csd.shtml
Patch
http://www.securityfocus.com/bid/20964
http://www.vupen.com/english/advisories/2006/4409
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=442
Patch
Vendor Advisory
http://www.osvdb.org/30308
https://exchange.xforce.ibmcloud.com/vulnerabilities/30128