Cisco warns of vulnerabilities in VPN client software

Vulnerabilities in Cisco System's Virtual Private Network (VPN) 5000 Client software could allow an attacker to gain control of a...

Vulnerabilities in Cisco System's Virtual Private Network (VPN) 5000 Client software could allow an attacker to gain control of a local workstation running the VPN client software or to capture password information used by the client, according to security company Ubizen and Cisco.

The root access vulnerability affects versions of the VPN 5000 Client for Linux and Solaris, while the password vulnerability affects the VPN 5000 Client for Macintosh.

Cisco released a security advisory covering the vulnerabilities last week and provided links to the related Cisco bug identifiers and software updates on its Web site.

The vulnerability affecting VPN 5000 clients for the Linux and Solaris could enable an attacker who was logged on to the remote workstation to assign root privileges to their own login account, giving that user total administrative control of the workstation and open access to data stored on that machine.

The condition can be exploited without special knowledge of VPN technology according to Niels Heinen, a security assurance engineer at Ubizen, who reported the issue to Cisco in early July.

"Its an easy exploit - the kind you see in buffer overflow tutorials. It doesn't require a tremendous amount of technical knowledge to use it," Heinen said.

The buffer overflow vulnerability would require local access to the machine running the VPN Client, and would only compromise the security of the local workstation, not the security of the remote networks connected to by the VPN Client, Heinen said.

The vulnerabilities affect all versions of Cisco VPN Client software for Linux prior to version 5.2.7 and all versions of Cisco VPN Client software for Solaris prior to version 5.2.8.

This was the second security advisory affecting Cisco's VPN technology to be released in the past month. On 6 September, Cisco issued a pair of security advisories concerning vulnerabilities it had discovered in its VPN 3000 Client and its line of VPN 3000 concentrators.

Software patches for those vulnerabilities, as well as the two discovered this week, are posted on Cisco's Web site. Cisco is encouraging its customers using the VPN 5000 Client on affected operating systems to upgrade to the latest version of its client software.

Read more on Operating systems software

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.