Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3101

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2006-3101
Last Modified 07 Mar 2011 09:37:50
Published 20 Jun 2006 09:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2006-3101

Summary

Cross-site scripting (XSS) vulnerability in LogonProxy.cgi in Cisco Secure ACS for UNIX 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) error, (2) SSL, and (3) Ok parameters.

Vulnerable Systems

Application

  • Cisco Secure Access Control Server 2.3


References

BID - 18449

BUGTRAQ - 20060617 RE: Cisco Secure ACS Cross Site Scripting Vulnerability.

BUGTRAQ - 20060615 Cisco Secure ACS Cross Site Scripting Vulnerability.

CISCO - 20060615 Cisco Secure ACS for UNIX Cross Site Scripting Vulnerability

SECTRACK - 1016317

SECUNIA - 20699

VUPEN - ADV-2006-2384

OSVDB - 26531

XF - cisco-acs-logonproxy-xss(27166)

SREASON - 1116


Last Updated: 27 May 2016 10:42:53