Secunia Security Advisory - A vulnerability has been reported in Cisco Security Agent (CSA), which can be exploited by malicious, local users to gain escalated privileges.
c2536e51a9360cdeef32074e50488879996b5d56e0f4531bed81b3cc141f72f9
TITLE:
Cisco Security Agent Local Privilege Escalation Vulnerability
SECUNIA ADVISORY ID:
SA17815
VERIFY ADVISORY:
http://secunia.com/advisories/17815/
CRITICAL:
Less critical
IMPACT:
Privilege escalation
WHERE:
Local system
SOFTWARE:
Cisco Security Agent (CSA) 4.x
http://secunia.com/product/4246/
DESCRIPTION:
A vulnerability has been reported in Cisco Security Agent (CSA),
which can be exploited by malicious, local users to gain escalated
privileges.
The vulnerability is caused due to an unspecified error in CSA on the
Windows platform. This can be exploited by malicious users to gain
SYSTEM privileges on a vulnerable system.
The vulnerability has been reported in the following versions:
* Cisco CSA version 4.5.0 (all builds) managed and standalone
agents.
* Cisco CSA version 4.5.1 (all builds) managed and standalone
agents.
* Cisco CSA version 4.5.0 (build 573) for CallManager.
* Cisco CSA version 4.5.1 (build 628) for CallManager.
* Cisco CSA version 4.5.1 (build 616) for Intelligent Contact
Management (ICM), IPCC Enterprise, and IPCC Hosted.
* Cisco CSA version 4.5.0 ( build 573) for Cisco Voice Portal (CVP)
3.0 and 3.1.
SOLUTION:
Update to version 4.5.1.639.
Management Center for Cisco Security Agents:
http://www.cisco.com/pcgi-bin/tablebuild.pl/csa
CSA for CallManager:
http://www.cisco.com/pcgi-bin/tablebuild.pl/cmva-3des
CSA for ICM, IPCC Enterprise, and IPCC Hosted:
http://www.cisco.com/pcgi-bin/tablebuild.pl/csa10-crypto
CSA for CVP 3.0 and 3.1:
http://www.cisco.com/pcgi-bin/tablebuild.pl/csa-cvp-20
PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.
ORIGINAL ADVISORY:
http://www.cisco.com/warp/public/707/cisco-sa-20051129-csa.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------