The installation of Cisco Secure Desktop (CSD) before 3.1.1.45 uses insecure default permissions (all users full control) for the CSD directory and its parent directory, which allow local users to gain privileges by replacing CSD executables, aka βLocal Privilege Escalationβ.
labs.idefense.com/intelligence/vulnerabilities/display.php?id=442
secunia.com/advisories/22747
securitytracker.com/id?1017195
www.cisco.com/warp/public/707/cisco-sa-20061108-csd.shtml
www.osvdb.org/30308
www.securityfocus.com/bid/20964
www.vupen.com/english/advisories/2006/4409
exchange.xforce.ibmcloud.com/vulnerabilities/30128