Article

Cisco patches Security Agent flaw

SearchSecurity.com Staff

Malicious local users could gain escalated privileges by exploiting a security hole in Cisco Systems Inc.'s Security Agent (CSA). But updates are available to fix the problem, the San Jose, Calif.-based networking giant said in an advisory

    Requires Free Membership to View

Tuesday.

CSA software provides threat protection for server and desktop computing systems, Cisco said on its Web site. According to the advisory, "A vulnerability exists in CSA agents that can allow a privilege escalation through locally executed software, providing a normal user or attacker with local system level privileges on a Windows workstation or server running managed or standalone CSA 4.5.0 or 4.5.1 agents."

The vulnerability affects:

  • Cisco CSA version 4.5.0 (all builds) managed and standalone agents.
  • Cisco CSA version 4.5.1 (all builds) managed and standalone agents.
  • Cisco CSA version 4.5.0 (build 573) for CallManager
  • Cisco CSA version 4.5.1 (build 628) for CallManager
  • Cisco CSA version 4.5.1 (build 616) for Intelligent Contact Management (ICM), IPCC Enterprise and IPCC Hosted.
  • Cisco CSA version 4.5.0 (build 573) for Cisco Voice Portal (CVP) 3.0 and 3.1.

Cisco said it has made free software available to address this vulnerability. Update installation details are included in the advisory.

Because it can only be exploited locally, Danish vulnerability clearinghouse Secunia has rated the flaw "less critical."

About this time last year, Cisco patched a minor Security Agent flaw that could be exploited by attackers to circumvent the security provided by the host-based intrusion prevention product.

Additionally, earlier this year Cisco fixed a denial-of-service vulnerability in Security Agent that attackers could exploit by sending a crafted IP packet to a Windows workstation or server running Security Agent 4.5.

Related Topics: Client security, VIEW ALL TOPICS

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: