Showing 1 - 1 of 1

CVE-2015-6306

Status Candidate

Overview

Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947.

Related Files

Cisco AnyConnect DMG Install Script Privilege Escalation: Posted Sep 24, 2015; Authored by Yorick Koster, Securify B.V.; Cisco AnyConnect Secure Mobility Client for OS X is affected by a vulnerability that allows local attackers to mount arbitrary DMG files at arbitrary mount points. By exploiting this vulnerability is is possible for the attacker to gain root privileges. Cisco reports that a similar issue also exists in Cisco AnyConnect Secure Mobility Client for Linux.; tags | exploit, arbitrary, local, root; systems | cisco, linux, apple, osx; advisories | CVE-2015-6306; SHA-256 | 66660159f211f495d60f7ca1acea5dbe4e444722621da4f69354d6747a67fc1b; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 163 files
Ubuntu 101 files
indoushka 69 files
Debian 23 files
nu11secur1ty 20 files
CraCkEr 8 files
Google Security Research 7 files
Gentoo 7 files
Apple 6 files
bluedragonsec 4 files

File Archives

Systems

AIX (428)
Apple (2,009)
BSD (374)
CentOS (57)
Cisco (1,925)
Debian (6,842)
Fedora (1,692)
FreeBSD (1,245)
Gentoo (4,329)
HPUX (879)
iOS (353)
iPhone (108)
IRIX (220)
Juniper (68)
Linux (46,811)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,916)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,938)
UNIX (9,313)
UnixWare (186)
Windows (6,588)
Other

CVE-2015-6306

Overview

Related Files

File Archive:

September 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems