Showing 1 - 1 of 1

CVE-2015-6306

Status Candidate

Overview

Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947.

Related Files

Cisco AnyConnect DMG Install Script Privilege Escalation: Posted Sep 24, 2015; Authored by Yorick Koster, Securify B.V.; Cisco AnyConnect Secure Mobility Client for OS X is affected by a vulnerability that allows local attackers to mount arbitrary DMG files at arbitrary mount points. By exploiting this vulnerability is is possible for the attacker to gain root privileges. Cisco reports that a similar issue also exists in Cisco AnyConnect Secure Mobility Client for Linux.; tags | exploit, arbitrary, local, root; systems | cisco, linux, apple, osx; advisories | CVE-2015-6306; SHA-256 | 66660159f211f495d60f7ca1acea5dbe4e444722621da4f69354d6747a67fc1b; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 249 files
Jay Turla 150 files
indoushka 147 files
Ubuntu 62 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (430)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,118)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (881)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,071)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,733)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,808)
UNIX (9,452)
UnixWare (188)
Windows (6,763)
Other

CVE-2015-6306

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems