ID
VAR-200601-0023
CVE
CVE-2006-0483
TITLE
Cisco VPN 3000 series concentrator Service disruption in software (DoS) Vulnerabilities
Trust: 0.8
DESCRIPTION
Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7.2.A allow remote attackers to cause a denial of service (device reload or user disconnect) via a crafted HTTP packet. A successful attack can cause the device to hang, completely denying further service to legitimate users. Cisco has documented this issue as Bug IDs CSCsb77324 and CSCsd26340. The vulnerability is caused due to an error when processing HTTP packets. Successful exploitation requires that the HTTP service is enabled (default setting). The vulnerability has been reported in software versions 4.7.0 through 4.7.2.A (including version 4.7REL). Software versions prior to 4.7.x are not affected. SOLUTION: Update to software version 4.7.2.B or later. http://www.cisco.com/pcgi-bin/tablebuild.pl/vpn3000-3des Disable the HTTP service. PROVIDED AND/OR DISCOVERED BY: Discussed at the Schmoocon security conference. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060126-vpn.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------
Trust: 2.07
AFFECTED PRODUCTS
| vendor: | cisco | model: | vpn 3030 concentator | scope: | eq | version: | 4.7.1.f | Trust: 1.6 |
| vendor: | cisco | model: | vpn 3030 concentator | scope: | eq | version: | 4.7.2.a | Trust: 1.6 |
| vendor: | cisco | model: | vpn 3000 concentrator series software | scope: | eq | version: | 4.7 | Trust: 1.0 |
| vendor: | cisco | model: | vpn 3000 concentrator series software | scope: | eq | version: | 4.7\(rel\) | Trust: 1.0 |
| vendor: | cisco | model: | vpn 3000 concentrator series software | scope: | eq | version: | 4.7.2 | Trust: 1.0 |
| vendor: | cisco | model: | vpn 3030 concentator | scope: | eq | version: | 4.7.1 | Trust: 1.0 |
| vendor: | cisco | model: | vpn 3000 concentrator series software | scope: | eq | version: | 4.7.2.a | Trust: 1.0 |
| vendor: | cisco | model: | vpn 3000 concentrator series software | scope: | eq | version: | 4.7.1.f | Trust: 1.0 |
| vendor: | cisco | model: | vpn 3030 concentator | scope: | eq | version: | 4.7\(rel\) | Trust: 1.0 |
| vendor: | cisco | model: | vpn 3000 concentrator series software | scope: | eq | version: | 4.7.1 | Trust: 1.0 |
| vendor: | cisco | model: | vpn 3030 concentator | scope: | eq | version: | 4.7.2 | Trust: 1.0 |
| vendor: | cisco | model: | vpn 3005 concentrator | scope: | eq | version: | 4.7.0 to 4.7.2.a | Trust: 0.8 |
| vendor: | cisco | model: | vpn 3015 concentrator | scope: | eq | version: | 4.7.0 to 4.7.2.a | Trust: 0.8 |
| vendor: | cisco | model: | vpn 3020 concentrator | scope: | eq | version: | 4.7.0 to 4.7.2.a | Trust: 0.8 |
| vendor: | cisco | model: | vpn 3030 concentator | scope: | eq | version: | 4.7.0 to 4.7.2.a | Trust: 0.8 |
| vendor: | cisco | model: | vpn 3060 concentrator | scope: | eq | version: | 4.7.0 to 4.7.2.a | Trust: 0.8 |
| vendor: | cisco | model: | vpn 3080 concentrator | scope: | eq | version: | 4.7.0 to 4.7.2.a | Trust: 0.8 |
| vendor: | cisco | model: | vpn 3060 concentrator | scope: | eq | version: | 4.7\(rel\) | Trust: 0.6 |
| vendor: | cisco | model: | vpn 3080 concentrator | scope: | eq | version: | 4.7.2.a | Trust: 0.6 |
| vendor: | cisco | model: | vpn 3060 concentrator | scope: | eq | version: | 4.7.2 | Trust: 0.6 |
| vendor: | cisco | model: | vpn 3060 concentrator | scope: | eq | version: | 4.7.1 | Trust: 0.6 |
| vendor: | cisco | model: | vpn 3060 concentrator | scope: | eq | version: | 4.7.1.f | Trust: 0.6 |
| vendor: | cisco | model: | vpn 3015 concentrator | scope: | eq | version: | 4.7.2 | Trust: 0.6 |
| vendor: | cisco | model: | vpn 3060 concentrator | scope: | eq | version: | 4.7 | Trust: 0.6 |
| vendor: | cisco | model: | vpn 3005 concentrator | scope: | eq | version: | 4.7 | Trust: 0.6 |
| vendor: | cisco | model: | vpn concentrator a | scope: | eq | version: | 30804.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator f | scope: | eq | version: | 30804.7.1 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30804.7.1 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30804.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator rel | scope: | eq | version: | 30804.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator a | scope: | eq | version: | 30604.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30604.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator f | scope: | eq | version: | 30604.7.1 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30604.7.1 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30604.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator rel | scope: | eq | version: | 30604.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator a | scope: | eq | version: | 30304.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30304.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator f | scope: | eq | version: | 30304.7.1 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30304.7.1 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30304.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator rel | scope: | eq | version: | 30304.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator a | scope: | eq | version: | 30204.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30204.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator f | scope: | eq | version: | 30204.7.1 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30204.7.1 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30204.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator rel | scope: | eq | version: | 30204.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator a | scope: | eq | version: | 30154.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30154.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator f | scope: | eq | version: | 30154.7.1 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30154.7.1 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30154.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator rel | scope: | eq | version: | 30154.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator a | scope: | eq | version: | 30054.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30054.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator f | scope: | eq | version: | 30054.7.1 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30054.7.1 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator | scope: | eq | version: | 30054.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator rel | scope: | eq | version: | 30054.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator f | scope: | ne | version: | 30804.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator l | scope: | ne | version: | 30804.1.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator f | scope: | ne | version: | 30304.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator l | scope: | ne | version: | 30304.1.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator f | scope: | ne | version: | 30204.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator l | scope: | ne | version: | 30204.1.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator f | scope: | ne | version: | 30154.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator l | scope: | ne | version: | 30154.1.7 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator f | scope: | ne | version: | 30054.7.2 | Trust: 0.3 |
| vendor: | cisco | model: | vpn concentrator l | scope: | ne | version: | 30054.1.7 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | NVD-CWE-Other | Trust: 1.0 |
THREAT TYPE
remote
Trust: 0.6
TYPE
other
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | cisco-sa-20060126-vpn.shtml | url: | http://www.cisco.com/warp/public/707/cisco-sa-20060126-vpn.shtml | Trust: 0.8 |
| title: | 18629 | url: | http://secunia.com/advisories/18629 | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2006-0483 | Trust: 2.5 |
| db: | BID | id: | 16394 | Trust: 2.0 |
| db: | SECUNIA | id: | 18629 | Trust: 1.8 |
| db: | VUPEN | id: | ADV-2006-0346 | Trust: 1.7 |
| db: | SECTRACK | id: | 1015546 | Trust: 1.7 |
| db: | SREASON | id: | 375 | Trust: 1.7 |
| db: | OSVDB | id: | 22754 | Trust: 1.7 |
| db: | JVNDB | id: | JVNDB-2006-003856 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-200601-387 | Trust: 0.7 |
| db: | CISCO | id: | 20060126 CISCO VPN 3000 CONCENTRATOR VULNERABLE TO CRAFTED HTTP ATTACK | Trust: 0.6 |
| db: | XF | id: | 24330 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-16591 | Trust: 0.1 |
| db: | PACKETSTORM | id: | 43446 | Trust: 0.1 |
REFERENCES
| url: | http://www.cisco.com/warp/public/707/cisco-sa-20060126-vpn.shtml | Trust: 2.1 |
| url: | http://www.securityfocus.com/bid/16394 | Trust: 1.7 |
| url: | http://www.osvdb.org/22754 | Trust: 1.7 |
| url: | http://securitytracker.com/id?1015546 | Trust: 1.7 |
| url: | http://secunia.com/advisories/18629 | Trust: 1.7 |
| url: | http://securityreason.com/securityalert/375 | Trust: 1.7 |
| url: | http://www.vupen.com/english/advisories/2006/0346 | Trust: 1.1 |
| url: | https://exchange.xforce.ibmcloud.com/vulnerabilities/24330 | Trust: 1.1 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-0483 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-0483 | Trust: 0.8 |
| url: | http://www.frsirt.com/english/advisories/2006/0346 | Trust: 0.6 |
| url: | http://xforce.iss.net/xforce/xfdb/24330 | Trust: 0.6 |
| url: | http://www.cisco.com/en/us/products/sw/voicesw/ps4625/index.html | Trust: 0.3 |
| url: | http://www.esentire.com/news/vuln-cisco-vpn.html | Trust: 0.3 |
| url: | http://secunia.com/secunia_security_advisories/ | Trust: 0.1 |
| url: | http://secunia.com/product/90/ | Trust: 0.1 |
| url: | http://secunia.com/advisories/18629/ | Trust: 0.1 |
| url: | http://www.cisco.com/pcgi-bin/tablebuild.pl/vpn3000-3des | Trust: 0.1 |
| url: | http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org | Trust: 0.1 |
| url: | http://secunia.com/about_secunia_advisories/ | Trust: 0.1 |
CREDITS
Discovered by Eldon Sprickerhoff <eldons@eSentire.com>.
Trust: 0.9
SOURCES
| db: | VULHUB | id: | VHN-16591 |
| db: | BID | id: | 16394 |
| db: | JVNDB | id: | JVNDB-2006-003856 |
| db: | PACKETSTORM | id: | 43446 |
| db: | CNNVD | id: | CNNVD-200601-387 |
| db: | NVD | id: | CVE-2006-0483 |
LAST UPDATE DATE
2024-08-14T14:48:01.177000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-16591 | date: | 2018-10-30T00:00:00 |
| db: | BID | id: | 16394 | date: | 2006-04-26T22:41:00 |
| db: | JVNDB | id: | JVNDB-2006-003856 | date: | 2014-03-11T00:00:00 |
| db: | CNNVD | id: | CNNVD-200601-387 | date: | 2006-02-13T00:00:00 |
| db: | NVD | id: | CVE-2006-0483 | date: | 2018-10-30T16:26:19.653 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-16591 | date: | 2006-01-31T00:00:00 |
| db: | BID | id: | 16394 | date: | 2006-01-26T00:00:00 |
| db: | JVNDB | id: | JVNDB-2006-003856 | date: | 2014-03-11T00:00:00 |
| db: | PACKETSTORM | id: | 43446 | date: | 2006-01-27T18:55:10 |
| db: | CNNVD | id: | CNNVD-200601-387 | date: | 2006-01-31T00:00:00 |
| db: | NVD | id: | CVE-2006-0483 | date: | 2006-01-31T20:03:00 |