Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2006-5808 | First vendor Publication | 2006-11-08 |
Vendor | Cve | Last vendor Modification | 2017-07-20 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 4.6 | Attack Range | Local |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The installation of Cisco Secure Desktop (CSD) before 3.1.1.45 uses insecure default permissions (all users full control) for the CSD directory and its parent directory, which allow local users to gain privileges by replacing CSD executables, aka "Local Privilege Escalation". |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5808 |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
30308 | Cisco Secure Desktop (CSD) Installation Permission Weakness Local Privilege E... Cisco Secure Desktop contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the Web VPN product is installed on a NTFS formatted drive, and permissions are set to full control for all users. Several executable run with System privileges, and are easily replaced. This flaw may lead to a loss of integrity. |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-05 01:02:59 |
|
2021-05-04 12:04:50 |
|
2021-04-22 01:05:26 |
|
2020-05-24 01:03:01 |
|
2020-05-23 00:18:41 |
|
2018-12-04 12:02:02 |
|
2017-07-20 09:24:00 |
|
2016-06-28 16:00:08 |
|
2016-04-26 15:16:55 |
|
2013-05-11 11:13:38 |
|