Details of VAR-201509-0005

ID

VAR-201509-0005

CVE

CVE-2015-6306

TITLE

Mac OS X and Linux Run on Cisco AnyConnect Secure Mobility Client In root Privileged vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2015-004958

DESCRIPTION

Cisco AnyConnect Secure Mobility Client 4.1(8) on OS X and Linux does not verify pathnames before installation actions, which allows local users to obtain root privileges via a crafted installation file, aka Bug ID CSCuv11947. Cisco AnyConnect Secure Mobility Client is prone to a local privilege-escalation vulnerability. A local attacker may exploit this issue to gain elevated system privileges on the device. This issue is being tracked by Cisco Bug ID CSCuv11947. The vulnerability is caused by the fact that the program does not verify the path name before performing the installation operation

Trust: 2.07

sources: NVD: CVE-2015-6306 // JVNDB: JVNDB-2015-004958 // BID: 76827 // VULHUB: VHN-84267 // VULMON: CVE-2015-6306

AFFECTED PRODUCTS

vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.1.\(8\)	Trust: 1.6
vendor:	cisco	model:	anyconnect secure mobility client	scope:	eq	version:	4.1 (8)	Trust: 0.8

sources: JVNDB: JVNDB-2015-004958 // CNNVD: CNNVD-201509-542 // NVD: CVE-2015-6306

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2015-6306
value:	HIGH
Trust: 1.0
NVD:	CVE-2015-6306
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201509-542
value:	HIGH
Trust: 0.6
VULHUB:	VHN-84267
value:	HIGH
Trust: 0.1
VULMON:	CVE-2015-6306
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2015-6306
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-84267
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-84267 // VULMON: CVE-2015-6306 // JVNDB: JVNDB-2015-004958 // CNNVD: CNNVD-201509-542 // NVD: CVE-2015-6306

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-84267 // JVNDB: JVNDB-2015-004958 // NVD: CVE-2015-6306

THREAT TYPE

local

Trust: 0.9

sources: BID: 76827 // CNNVD: CNNVD-201509-542

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201509-542

CONFIGURATIONS

sources: JVNDB: JVNDB-2015-004958

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-84267 // VULMON: CVE-2015-6306

PATCH

title:	41135	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=41135	Trust: 0.8
title:	CVE-Study	url:	https://github.com/thdusdl1219/CVE-Study	Trust: 0.1

sources: VULMON: CVE-2015-6306 // JVNDB: JVNDB-2015-004958

EXTERNAL IDS

db:	NVD	id:	CVE-2015-6306	Trust: 2.9
db:	EXPLOIT-DB	id:	38303	Trust: 1.2
db:	PACKETSTORM	id:	133685	Trust: 1.2
db:	SECTRACK	id:	1033656	Trust: 1.2
db:	JVNDB	id:	JVNDB-2015-004958	Trust: 0.8
db:	CNNVD	id:	CNNVD-201509-542	Trust: 0.7
db:	BID	id:	76827	Trust: 0.5
db:	VULHUB	id:	VHN-84267	Trust: 0.1
db:	VULMON	id:	CVE-2015-6306	Trust: 0.1

sources: VULHUB: VHN-84267 // VULMON: CVE-2015-6306 // BID: 76827 // JVNDB: JVNDB-2015-004958 // CNNVD: CNNVD-201509-542 // NVD: CVE-2015-6306

REFERENCES

url:	http://tools.cisco.com/security/center/viewalert.x?alertid=41135	Trust: 2.1
url:	https://www.exploit-db.com/exploits/38303/	Trust: 1.3
url:	http://www.securityfocus.com/archive/1/536534/100/0/threaded	Trust: 1.2
url:	http://seclists.org/fulldisclosure/2015/sep/86	Trust: 1.2
url:	http://packetstormsecurity.com/files/133685/cisco-anyconnect-dmg-install-script-privilege-escalation.html	Trust: 1.2
url:	https://www.securify.nl/advisory/sfy20150701/cisco_anyconnect_elevation_%20of_privileges_via_dmg_install_script.html	Trust: 1.2
url:	http://www.securitytracker.com/id/1033656	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-6306	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-6306	Trust: 0.8
url:	http://www.cisco.com/en/us/products/ps10884/index.html	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/264.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1
url:	https://www.securityfocus.com/bid/76827	Trust: 0.1

sources: VULHUB: VHN-84267 // VULMON: CVE-2015-6306 // BID: 76827 // JVNDB: JVNDB-2015-004958 // CNNVD: CNNVD-201509-542 // NVD: CVE-2015-6306

CREDITS

Mr. Yorick Koster of Securify B.V

Trust: 0.3

sources: BID: 76827

SOURCES

db:	VULHUB	id:	VHN-84267
db:	VULMON	id:	CVE-2015-6306
db:	BID	id:	76827
db:	JVNDB	id:	JVNDB-2015-004958
db:	CNNVD	id:	CNNVD-201509-542
db:	NVD	id:	CVE-2015-6306

LAST UPDATE DATE

2024-11-23T21:54:54.655000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-84267	date:	2018-10-09T00:00:00
db:	VULMON	id:	CVE-2015-6306	date:	2018-10-09T00:00:00
db:	BID	id:	76827	date:	2016-07-06T14:42:00
db:	JVNDB	id:	JVNDB-2015-004958	date:	2015-09-30T00:00:00
db:	CNNVD	id:	CNNVD-201509-542	date:	2015-09-29T00:00:00
db:	NVD	id:	CVE-2015-6306	date:	2024-11-21T02:34:44.670

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-84267	date:	2015-09-26T00:00:00
db:	VULMON	id:	CVE-2015-6306	date:	2015-09-26T00:00:00
db:	BID	id:	76827	date:	2015-09-23T00:00:00
db:	JVNDB	id:	JVNDB-2015-004958	date:	2015-09-30T00:00:00
db:	CNNVD	id:	CNNVD-201509-542	date:	2015-09-28T00:00:00
db:	NVD	id:	CVE-2015-6306	date:	2015-09-26T01:59:10.657