New vulnerabilities discovered in the Cisco Virtual Private Network (VPN) 5000 Client software could allow an attacker to gain root access to a local workstation running the VPN client software or to capture password information used by the client, according to statements released by security company Ubizen NV and by Cisco Systems, Inc. Thursday.
The root access vulnerability affects versions of the VPN 5000 Client for Linux and Solaris, while the password vulnerability affects the VPN 5000 Client for Macintosh.
Cisco, in San Jose California, released a security advisory covering the vulnerabilities late Wednesday, and provided links to the related Cisco bug identifiers and software updates on its Web site.
In the case of the vulnerability affecting VPN 5000 clients for the Linux and Solaris, two buffer overflow conditions were discovered by engineers at Ubizen, based in Reston, Virginia, that could enable an attacker who was logged on to the remote workstation to assign root privileges to their own log-in account, essentially giving that user total administrative control of the workstation and open access to data stored on that machine. The vulnerability was discovered during testing of the VPN 5000 Client by Ubizen, a Cisco Managed Security Services partner.