CVE-2007-1067

Name of the Vulnerable Software and Affected Versions: Cisco Secure Services Client (CSSC) versions 4.x Trust Agent versions 1.x through 2.x Cisco Security Agent (CSA) versions 5.0 through 5.1 Meetinghouse AEGIS SecureConnect Client (affected versions not specified)

Description: The issue is related to improper command parsing, which allows local users to gain privileges.

Recommendations: For CSSC version 4.x, update to a version that properly parses commands. For Trust Agent versions 1.x through 2.x, update to a version that properly parses commands. For CSA versions 5.0 through 5.1, update to a version that properly parses commands, ensuring that any vulnerable Trust Agent has been updated. For Meetinghouse AEGIS SecureConnect Client, at the moment, there is no information about a newer version that contains a fix for this issue.