Cisco Secure Desktop CSDWebInstaller code exec

Added: 03/23/2011
CVE: CVE-2011-0926
BID: 46536
OSVDB: 63809

Background

Cisco Secure Desktop is an endpoint security management product that consists of several components, such as Prelogin Assessment/Policies, Host Scan, Cache Cleaner, Secure Desktop (Vault), etc.

Problem

Cisco Secure Desktop versions 3.x include an ActiveX control which contains a file upload vulnerability. This vulnerability may be exploited to upload and execute malicious content on the target system. An attacker must persuade the victim to browse to a website controlled by the attacker.

Resolution

No patches are available for this vulnerability. The vulnerable ActiveX control may be disabled through Internet Explorer by following these Microsoft instructions. The CLSID for the vulnerable control is 705EC6D4-B138-4079-A307-EF13E4889A82.

References

http://www.zerodayinitiative.com/advisories/ZDI-11-091/
http://tools.cisco.com/security/center/viewAlert.x?alertId=22529

Limitations

This exploit works against Cisco Secure Desktop 3.5.841 on Windows XP SP3 English (DEP OptIn) and Windows Vista SP2 English (DEP OptIn).

Platforms

Windows
