Vulnerabilities > CVE-2006-0515 - Unspecified vulnerability in Cisco products
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cisco
exploit available
Summary
Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734.
Vulnerable Configurations
Exploit-Db
| description | Multiple Cisco Products WebSense Content Filtering Bypass Vulnerability. CVE-2006-0515. Remote exploit for hardware platform |
| id | EDB-ID:27830 |
| last seen | 2016-02-03 |
| modified | 2006-05-08 |
| published | 2006-05-08 |
| reporter | George D. Gal |
| source | https://www.exploit-db.com/download/27830/ |
| title | Multiple Cisco Products WebSense Content Filtering Bypass Vulnerability |
References
- http://www.vsecurity.com/bulletins/advisories/2006/cisco-websense-bypass.txt
- http://www.securityfocus.com/bid/17883
- http://securitytracker.com/id?1016039
- http://securitytracker.com/id?1016040
- http://secunia.com/advisories/20044
- http://www.cisco.com/en/US/products/sw/netmgtsw/ps2032/tsd_products_security_response09186a00806824ec.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045899.html
- http://www.osvdb.org/25453
- http://www.vupen.com/english/advisories/2006/1738
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26308
- http://www.securityfocus.com/archive/1/433270/100/0/threaded