Title: Cisco Trust Agent on Mac OS X User Notification Authentication Bypass
Jun 11, 2007
Trust Agent for Mac OS X contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the agent delivers a message to a login screen, or over the password prompt to exit the screensaver, through which an unauthenticated user can access System Preferences as the root user. This flaw may lead to a loss of integrity.
Local Access Required
Loss of Integrity
Upgrade to version 126.96.36.199 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.