Date: Thu, 16 Aug 2007 09:51:50 -0600
From: James Lay <jlay@...ve-tothe-box.net>
To: Full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Interesting fun with Cisco VPN Client Privilege
 Escalation Vulnerabilities

Hey All!

So, as an exercise just for giggles, I attempted to get a fix for this.
Reference:

http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml

As we are just a shop, we do not have a Cisco contract.  Here's where the
fun starts.  From the above:

1.
  
"Customers who purchase direct from Cisco but who do not hold a Cisco
service contract and customers who purchase through third-party vendors but
are unsuccessful at obtaining fixed software through their point of sale
should get their upgrades by contacting the Cisco Technical Assistance
Center (TAC). TAC contacts are as follows.
+1 800 553 2447 (toll free from within North America)
+1 408 526 7209 (toll call from anywhere in the world)
e-mail: tac@...co.com

Have your product serial number available and give the URL of this notice
as evidence of your entitlement to a free upgrade. Free upgrades for
non-contract customers must be requested through the TAC."

You'll need a LOT more than just the site and serial number...you'll need to
be registered with Cisco or provide them with:

REQUIRED INFORMATION

* CONTACT NAME: 
* CONTACT PHONE NUMBER:
* CONTACT CISCO.COM USERID (if one exists):
* CONTACT EMAIL ADDRESS:
* CONTRACT #: 
* SERIAL #: 
* PRODUCT TYPE (Model Number):
* SOFTWARE VERSION:
* COMPANY NAME: 
* EQUIPMENT LOCATION (Address):
* BRIEF PROBLEM DESCRIPTION:

2.

"Cisco will make free software available to address these vulnerabilities
for affected customers. This advisory will be updated as fixed software
becomes available. Prior to deploying software, customers should consult
their maintenance provider or check the software for feature set
compatibility and known issues specific to their environment.

Customers may only install and expect support for the feature sets they
have purchased. By installing, downloading, accessing or otherwise using
such software upgrades, customers agree to be bound by the terms of Cisco's
software license terms found at
http://www.cisco.com/public/sw-license-agreement.html, or as otherwise set
forth at Cisco.com Downloads at
http://www.cisco.com/public/sw-center/sw-usingswc.shtml."

Not true.  My router is out of warranty, so Cisco is telling me that I'm out
of luck as follows:

"The product that you requested support for is an older product that has
passed the warranty period date for that product.  Once a product becomes
End of Sale, it is supported for three years
beyond the End of Sale date and then becomes End of Support.
After that point, we recommend that you contact your Cisco point of sale
to discuss migrating your old equipment to newer supported technology.
Cisco Partners, Resellers, and internal Cisco Sales Teams often have
special offers and technology migration programs available."

3.

The last gig is:

"The Cisco VPN Client for Windows is available for download from the
following location on cisco.com:

http://www.cisco.com/pcgi-bin/tablebuild.pl/windows?psrtdcat20e2 "

Heh..nothing there.

Interesting...VERY interesting ;)

James


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
