Cisco Secure Desktop CSDWebInstaller code exec
Added: 03/23/2011CVE: CVE-2011-0926
BID: 46536
OSVDB: 63809
Background
Cisco Secure Desktop is an endpoint security management product that consists of several components, such as Prelogin Assessment/Policies, Host Scan, Cache Cleaner, Secure Desktop (Vault), etc.Problem
Cisco Secure Desktop versions 3.x include an ActiveX control which contains a file upload vulnerability. This vulnerability may be exploited to upload and execute malicious content on the target system. An attacker must persuade the victim to browse to a website controlled by the attacker.Resolution
No patches are available for this vulnerability. The vulnerable ActiveX control may be disabled through Internet Explorer by following these Microsoft instructions. The CLSID for the vulnerable control is 705EC6D4-B138-4079-A307-EF13E4889A82.References
http://www.zerodayinitiative.com/advisories/ZDI-11-091/http://tools.cisco.com/security/center/viewAlert.x?alertId=22529
Limitations
This exploit works against Cisco Secure Desktop 3.5.841 on Windows XP SP3 English (DEP OptIn) and Windows Vista SP2 English (DEP OptIn).Platforms
WindowsBack to exploit index