Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 00:06
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045899.html - | |
References | () http://secunia.com/advisories/20044 - | |
References | () http://securitytracker.com/id?1016039 - | |
References | () http://securitytracker.com/id?1016040 - | |
References | () http://www.cisco.com/en/US/products/sw/netmgtsw/ps2032/tsd_products_security_response09186a00806824ec.html - | |
References | () http://www.osvdb.org/25453 - | |
References | () http://www.securityfocus.com/archive/1/433270/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/17883 - Exploit | |
References | () http://www.vsecurity.com/bulletins/advisories/2006/cisco-websense-bypass.txt - Patch, Vendor Advisory | |
References | () http://www.vupen.com/english/advisories/2006/1738 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/26308 - |
02 Jul 2024, 12:57
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:cisco:pix_firewall_software:6.1.5\(104\):*:*:*:*:*:*:* |
11 Aug 2023, 18:54
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:* cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0\(4\):*:*:*:*:*:*:* cpe:2.3:a:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:* |
cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\(4\):*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:* cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:* |
Information
Published : 2006-05-09 10:02
Updated : 2024-11-21 00:06
NVD link : CVE-2006-0515
Mitre link : CVE-2006-0515
CVE.ORG link : CVE-2006-0515
JSON object : View
Products Affected
cisco
- pix_firewall_software
- firewall_services_module
- adaptive_security_appliance_software
- pix_firewall
CWE