TITLE: Cisco Security Agent Local Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA17815 VERIFY ADVISORY: http://secunia.com/advisories/17815/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: Cisco Security Agent (CSA) 4.x http://secunia.com/product/4246/ DESCRIPTION: A vulnerability has been reported in Cisco Security Agent (CSA), which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an unspecified error in CSA on the Windows platform. This can be exploited by malicious users to gain SYSTEM privileges on a vulnerable system. The vulnerability has been reported in the following versions: * Cisco CSA version 4.5.0 (all builds) managed and standalone agents. * Cisco CSA version 4.5.1 (all builds) managed and standalone agents. * Cisco CSA version 4.5.0 (build 573) for CallManager. * Cisco CSA version 4.5.1 (build 628) for CallManager. * Cisco CSA version 4.5.1 (build 616) for Intelligent Contact Management (ICM), IPCC Enterprise, and IPCC Hosted. * Cisco CSA version 4.5.0 ( build 573) for Cisco Voice Portal (CVP) 3.0 and 3.1. SOLUTION: Update to version 4.5.1.639. Management Center for Cisco Security Agents: http://www.cisco.com/pcgi-bin/tablebuild.pl/csa CSA for CallManager: http://www.cisco.com/pcgi-bin/tablebuild.pl/cmva-3des CSA for ICM, IPCC Enterprise, and IPCC Hosted: http://www.cisco.com/pcgi-bin/tablebuild.pl/csa10-crypto CSA for CVP 3.0 and 3.1: http://www.cisco.com/pcgi-bin/tablebuild.pl/csa-cvp-20 PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20051129-csa.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------