CVE-2006-4313

Multiple unspecified vulnerabilities in Cisco VPN 3000 series concentrators before 4.1, 4.1.x up to 4.1(7)L, and 4.7.x up to 4.7(2)F allow attackers to execute the (1) CWD, (2) MKD, (3) CDUP, (4) RNFR, (5) SIZE, and (6) RMD FTP commands to modify files or create and delete directories via unknown vectors.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/21617
http://securitytracker.com/id?1016737
http://www.cisco.com/warp/public/707/cisco-sa-20060823-vpn3k.shtml	Patch
http://www.osvdb.org/28138
http://www.osvdb.org/28139
http://www.securityfocus.com/bid/19680
http://www.vupen.com/english/advisories/2006/3368
https://exchange.xforce.ibmcloud.com/vulnerabilities/28539

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0:::::::*
	cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.1:::::::*
	cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.5.b:::::::*
	cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.5.b:::::::*
	cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.a:::::::*
	cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.b:::::::*
	cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.l:::::::*
	cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7:::::::*
	cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1:::::::*
	cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1.f:::::::*
	cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.2.f:::::::*

History

No history.

Information

Published : 2006-08-23 22:04

Updated : 2024-02-28 10:42

NVD link : CVE-2006-4313

Mitre link : CVE-2006-4313

CVE.ORG link : CVE-2006-4313

JSON object : View

Products Affected

cisco

vpn_3000_concentrator_series_software

CWE

NVD-CWE-Other

{"id": "CVE-2006-4313", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2006-08-23T22:04:00.000", "references": [{"url": "http://secunia.com/advisories/21617", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1016737", "source": "cve@mitre.org"}, {"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060823-vpn3k.shtml", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/28138", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/28139", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/19680", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/3368", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28539", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in Cisco VPN 3000 series concentrators before 4.1, 4.1.x up to 4.1(7)L, and 4.7.x up to 4.7(2)F allow attackers to execute the (1) CWD, (2) MKD, (3) CDUP, (4) RNFR, (5) SIZE, and (6) RMD FTP commands to modify files or create and delete directories via unknown vectors."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades no especificadas en los concentradores de la serie Cisco VPN 3000 anteriores a 4.1, 4.1.x hasta 4.1(7)L, y 4.7.x hasta 4.7(2)F permiten a atacantes ejecutar los comandos (1) CWD, (2) MKD, (3) CDUP, (4) RNFR, (5) SIZE, y (6) RMD FTP para modificar archivos o crear y borrar directorios a trav\u00e9s de vectores no especificados."}], "lastModified": "2018-10-30T16:26:19.327", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D953DA9F-B54E-4941-85BE-48933C98DB55"}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12E298AD-26AC-4E1D-83D8-5C2016CC6559"}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.5.b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B71DAF71-5763-44D8-AD1E-5ADE8BC15120"}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.5.b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFA54782-93A8-47BE-863D-89CA3678BF6E"}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.a:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "67F66A10-246D-447B-941F-F1175684F0D6"}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.b:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82435757-D892-4298-9176-5EC1FEC93037"}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.l:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5BAFC4A-D8FB-4450-BC29-83B306000C99"}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D03F5D3F-6FB1-4A25-B544-D3C973F35DD9"}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A90348C-94E2-4F04-A887-E7EFFC1ACF12"}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1.f:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F5E136E-9215-46A8-A40A-AE964C588A38"}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.2.f:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A13F7BC2-7491-4266-9B32-3E6D8978A6C7"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}