Cisco Trust Agent for Mac OS X Local Privilege Escalation Vulnerability
CLASS: Design Error
CVE:
REMOTE: No
LOCAL: Yes
PUBLISHED: Jun 11 2007 12:00AM
UPDATE: Jun 13 2007 05:49AM
CREDIT: Adam Blake of Deloitte, UK is credited with the discovery of this vulnerability.
VULNERABLE:
Cisco Trust Agent 2.1.103.0
NOT VULNERABLE:
Cisco Trust Agent 2.0
Cisco Trust Agent 1.0
Cisco Trust Agent 2.1.104.0
Discussion
Cisco Trust Agent for Mac OS X is prone to a local privilege-escalation vulnerability because of the method that the application uses to deliver notifications to users.
Successfully exploiting this issue allows local users to gain superuser-level privileges on affected computers if it is exploited before an authorized user is authenticated. If exploited after an authorized user has been authenticated, attackers may gain user-level access to affected computers.
Versions of Cisco Trust Agent prior to 2.1.104.0 are vulnerable to this issue when running on Apple Mac OS X. Other platforms are not affected.
This issue is documented in Cisco bug ID CSCsi58799.
Exploit
Attackers use core OS functionality to exploit this issue. No specific exploit code is required.
Solution
Cisco has released Cisco Trust Agent 2.1.104.0 to address this issue. Please see the references for more information.
Registered customers may obtain the update at:
http://www.cisco.com/pcgi-bin/tablebuild.pl/cta
References
- Cisco Trust Agent Product Page (Cisco)
- Cisco Trust Agent Vulnerability (adblake@deloitte.co.uk)
- Cisco Security Response: Cisco Trust Agent - Mac OS X Privilege Escalation Vulne (Cisco)