Message-ID: <52607.131.182.176.99.1187291815.squirrel@slashmail.org>
Date: Thu, 16 Aug 2007 15:16:55 -0400 (EDT)
From: "Steven Adair" <steven@...urityzone.org>
To: "James Lay" <jlay@...ve-tothe-box.net>
Cc: Full-disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Interesting fun with Cisco VPN Client Privilege Escalation Vulnerabilities

I went to the below URL you referenced
(http://www.cisco.com/cgi-bin/tablebuild.pl/windows?psrtdcat20e2), logged
in, and it works fine for me with a listing of all the clients to
download.

vpnclient-win-msi-5.0.01.0600-k9.exe
VPN Client Software for 2000/XP/Vista - Microsoft Installer 5.0.01.06
23-JUL-2007 10676224

I would suggest getting an account if you do not have one. That would
definitely make downloading the client from that URL a lot easier.

Steven
securityzone.org

> Hey All!
>
> So, as an exercise just for giggles, I attempted to get a fix for this.
> Reference:
>
> http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml
>
> As we are just a shop, we do not have a Cisco contract. Here's where the
> fun starts. From the above:
>
> 1.
>
> "Customers who purchase direct from Cisco but who do not hold a Cisco
> service contract and customers who purchase through third-party vendors
> but are unsuccessful at obtaining fixed software through their point of
> sale should get their upgrades by contacting the Cisco Technical
> Assistance Center (TAC). TAC contacts are as follows.
> +1 800 553 2447 (toll free from within North America)
> +1 408 526 7209 (toll call from anywhere in the world)
> e-mail: tac@...co.com
>
> Have your product serial number available and give the URL of this notice
> as evidence of your entitlement to a free upgrade. Free upgrades for
> non-contract customers must be requested through the TAC."
>
> You'll need a LOT more than just the site and serial number...you'll need
> to be registered with Cisco or provide them with:
>
> REQUIRED INFORMATION
>
> * CONTACT NAME:
> * CONTACT PHONE NUMBER:
> * CONTACT CISCO.COM USERID (if one exists):
> * CONTACT EMAIL ADDRESS:
> * CONTRACT #:
> * SERIAL #:
> * PRODUCT TYPE (Model Number):
> * SOFTWARE VERSION:
> * COMPANY NAME:
> * EQUIPMENT LOCATION (Address):
> * BRIEF PROBLEM DESCRIPTION:
>
> 2.
>
> "Cisco will make free software available to address these vulnerabilities
> for affected customers. This advisory will be updated as fixed software
> becomes available. Prior to deploying software, customers should consult
> their maintenance provider or check the software for feature set
> compatibility and known issues specific to their environment.
>
> Customers may only install and expect support for the feature sets they
> have purchased. By installing, downloading, accessing or otherwise using
> such software upgrades, customers agree to be bound by the terms of
> Cisco's software license terms found at
> http://www.cisco.com/public/sw-license-agreement.html, or as otherwise set
> forth at Cisco.com Downloads at
> http://www.cisco.com/public/sw-center/sw-usingswc.shtml."
>
> Not true. My router is out of warranty, so Cisco is telling me that I'm
> out of luck as follows:
>
> "The product that you requested support for is an older product that has
> passed the warranty period date for that product. Once a product becomes
> End of Sale, it is supported for three years beyond the End of Sale date
> and then becomes End of Support.
> After that point, we recommend that you contact your Cisco point of sale
> to discuss migrating your old equipment to newer supported technology.
> Cisco Partners, Resellers, and internal Cisco Sales Teams often have
> special offers and technology migration programs available."
>
> 3.
>
> The last gig is:
>
> "The Cisco VPN Client for Windows is available for download from the
> following location on cisco.com:
>
> http://www.cisco.com/pcgi-bin/tablebuild.pl/windows?psrtdcat20e2 "
>
> Heh..nothing there.
>
> Interesting...VERY interesting ;)
>
> James
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>