Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0515

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0515
Last Modified 07 Mar 2011 09:30:13
Published 09 May 2006 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0515

Summary

Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734.

Vulnerable Systems

Operating System

  • Cisco Adaptive Security Appliance 7.0

  • Cisco Adaptive Security Appliance 7.0%284%29

  • Cisco Adaptive Security Appliance 7.0.1.4

  • Cisco Adaptive Security Appliance 7.0.4.3

  • Cisco Pix Firewall 2.7

  • Cisco Pix Firewall 3.0

  • Cisco Pix Firewall 3.1

  • Cisco Pix Firewall 4.0

  • Cisco Pix Firewall 4.1%286%29

  • Cisco Pix Firewall 4.1%286b%29

  • Cisco Pix Firewall 4.2

  • Cisco Pix Firewall 4.2%281%29

  • Cisco Pix Firewall 4.2%282%29

  • Cisco Pix Firewall 4.2%285%29

  • Cisco Pix Firewall 4.3

  • Cisco Pix Firewall 4.4

  • Cisco Pix Firewall 4.4%284%29

  • Cisco Pix Firewall 4.4%287.202%29

  • Cisco Pix Firewall 4.4%288%29

  • Cisco Pix Firewall 5.0

  • Cisco Pix Firewall 5.1

  • Cisco Pix Firewall 5.1%284%29

  • Cisco Pix Firewall 5.1%284.206%29

  • Cisco Pix Firewall 5.2

  • Cisco Pix Firewall 5.2%281%29

  • Cisco Pix Firewall 5.2%282%29

  • Cisco Pix Firewall 5.2%283.210%29

  • Cisco Pix Firewall 5.2%285%29

  • Cisco Pix Firewall 5.2%286%29

  • Cisco Pix Firewall 5.2%287%29

  • Cisco Pix Firewall 5.2%289%29

  • Cisco Pix Firewall 5.3

  • Cisco Pix Firewall 5.3%281%29

  • Cisco Pix Firewall 5.3%281.200%29

  • Cisco Pix Firewall 5.3%282%29

  • Cisco Pix Firewall 5.3%283%29

  • Cisco Pix Firewall 6.0

  • Cisco Pix Firewall 6.0%281%29

  • Cisco Pix Firewall 6.0%282%29

  • Cisco Pix Firewall 6.0%283%29

  • Cisco Pix Firewall 6.0%284%29

  • Cisco Pix Firewall 6.0%284.101%29

  • Cisco Pix Firewall 6.1

  • Cisco Pix Firewall 6.1%281%29

  • Cisco Pix Firewall 6.1%282%29

  • Cisco Pix Firewall 6.1%283%29

  • Cisco Pix Firewall 6.1%284%29

  • Cisco Pix Firewall 6.1%285%29

  • Cisco Pix Firewall 6.1.5%28104%29

  • Cisco Pix Firewall 6.2

  • Cisco Pix Firewall 6.2%281%29

  • Cisco Pix Firewall 6.2%282%29

  • Cisco Pix Firewall 6.2%283%29

  • Cisco Pix Firewall 6.2%283.100%29

  • Cisco Pix Firewall 6.3

  • Cisco Pix Firewall 6.3%281%29

  • Cisco Pix Firewall 6.3%282%29

  • Cisco Pix Firewall 6.3%283%29

  • Cisco Pix Firewall 6.3%283.102%29

  • Cisco Pix Firewall 6.3%283.109%29

  • Cisco Pix Firewall 6.3%285%29

Application

  • Cisco Pix Firewall 6.2.2.111

  • Cisco Pix Firewall 6.2.3 %28110%29

  • Cisco Pix Firewall 6.3.3 %28133%29


References

MISC - http://www.vsecurity.com/bulletins/advisories/2006/cisco-websense-bypass.txt

BUGTRAQ - 20060508 VSR Advisory: WebSense content filter bypass when deployed in conjunction with Cisco filtering devices

VUPEN - ADV-2006-1738

BID - 17883

SECTRACK - 1016040

SECTRACK - 1016039

SECUNIA - 20044

XF - cisco-websense-content-filtering-bypass(26308)

OSVDB - 25453

CISCO - 20060508 PIX/ASA/FWSM Websense/N2H2 Content Filter Bypass


Last Updated: 27 May 2016 10:41:40