Sign-up

ID

VAR-200608-0174


CVE

CVE-2006-4430


TITLE

Cisco NAC Vulnerabilities that bypass local and remote protection mechanisms

Trust: 0.8

sources: JVNDB: JVNDB-2005-000895

DESCRIPTION

The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms. The Cisco NAC Agent is prone to a security-bypass vulnerability because of a design error in the application. An attacker can exploit this issue to bypass security restrictions. This results in a false sense of security and may aid attackers in further attacks. An attacker can connect to the network by changing the default parameters of the Windows TCP/IP stack and using a custom HTTPS client (instead of a browser) to bypass host authentication

Trust: 1.98

sources: NVD: CVE-2006-4430 // JVNDB: JVNDB-2005-000895 // BID: 19726 // VULHUB: VHN-20538

AFFECTED PRODUCTS

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.4.3

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.3

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.3.4

Trust: 1.0

vendor:ciscomodel:network admission controlscope:lteversion:3.6.4.1

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.6.4.0.1

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.5

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.3.7

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.3.9

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.5\(9\)

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.3.8

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.6.0.1

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.3.3

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.4

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.3.2

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.3.5

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.3.6

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.4.5

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.4.4

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.5.4

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.3.1

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.4.2

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.5.3

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.5.2

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.5.1

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.5.5

Trust: 1.0

vendor:ciscomodel:network admission control manager and server system softwarescope:eqversion:3.4.1

Trust: 1.0

vendor:ciscomodel:clean accessscope:eqversion:3.6.4.0.1

Trust: 0.9

vendor:ciscomodel:clean accessscope:eqversion:3.6.0.1

Trust: 0.9

vendor:ciscomodel:clean accessscope:eqversion:3.5.5

Trust: 0.9

vendor:ciscomodel:clean accessscope:eqversion:3.5.4

Trust: 0.9

vendor:ciscomodel:clean accessscope:eqversion:3.5.3

Trust: 0.9

vendor:ciscomodel:clean accessscope:eqversion:3.5.2

Trust: 0.9

vendor:ciscomodel:clean accessscope:eqversion:3.5.1

Trust: 0.9

vendor:ciscomodel:clean accessscope:eqversion:3.5

Trust: 0.9

vendor:ciscomodel:network admission control appliancescope:lteversion:3.6.4.1

Trust: 0.8

vendor:ciscomodel:clean accessscope: - version: -

Trust: 0.8

vendor:ciscomodel:network admission controlscope:eqversion:3.6.4.1

Trust: 0.6

vendor:ciscomodel:clean accessscope:eqversion:3.5\(9\)

Trust: 0.6

vendor:ciscomodel:clean accessscope:eqversion:3.5(9)

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.4.5

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.4.4

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.4.3

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.4.2

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.4.1

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.4

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.3.9

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.3.8

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.3.7

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.3.6

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.3.5

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.3.4

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.3.3

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.3.2

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.3.1

Trust: 0.3

vendor:ciscomodel:clean accessscope:eqversion:3.3

Trust: 0.3

sources: BID: 19726 // JVNDB: JVNDB-2005-000895 // CNNVD: CNNVD-200608-450 // NVD: CVE-2006-4430

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-4430
value: MEDIUM

Trust: 1.0

NVD: CVE-2006-4430
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-200608-450
value: MEDIUM

Trust: 0.6

VULHUB: VHN-20538
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2006-4430
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-20538
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-20538 // JVNDB: JVNDB-2005-000895 // CNNVD: CNNVD-200608-450 // NVD: CVE-2006-4430

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-4430

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200608-450

TYPE

Design Error

Trust: 0.9

sources: BID: 19726 // CNNVD: CNNVD-200608-450

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2005-000895

PATCH
title:Document ID: 66147url:http://www.cisco.com/en/US/products/ps6128/products_security_notice09186a00804fa82b.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2005-000895

EXTERNAL IDS
db:NVDid:CVE-2006-4430
Trust: 2.5
db:BIDid:19726
Trust: 2.0
db:JVNDBid:JVNDB-2005-000895
Trust: 0.8
db:CNNVDid:CNNVD-200608-450
Trust: 0.7
db:CISCOid:20060826 NAC AGENT INSTALLATION BYPASS
Trust: 0.6
db:CISCOid:20060822 RESPONSE TO BUGTRAQ - CISCO CLEAN ACCESS AGENT (PERFIGO) BYPASS
Trust: 0.6
db:BUGTRAQid:20050819 CISCO CLEAN ACCESS AGENT (PERFIGO) BYPASS
Trust: 0.6
db:BUGTRAQid:20060826 RE: CISCO NAC APPLIANCE AGENT INSTALLATION BYPASS VULNERABILITY
Trust: 0.6
db:BUGTRAQid:20050822 RE: CISCO CLEAN ACCESS AGENT (PERFIGO) BYPASS
Trust: 0.6
db:BUGTRAQid:20060829 RE: CISCO NAC APPLIANCE AGENT INSTALLATION BYPASS VULNERABILITY
Trust: 0.6
db:BUGTRAQid:20060826 CISCO NAC APPLIANCE AGENT INSTALLATION BYPASS VULNERABILITY
Trust: 0.6
db:VULHUBid:VHN-20538
Trust: 0.1
sources:
            
            
            VULHUB: VHN-20538 // 
            
            
            
            BID: 19726 // 
            
            
            
            JVNDB: JVNDB-2005-000895 // 
            
            
            
            CNNVD: CNNVD-200608-450 // 
            
            
            
            NVD: CVE-2006-4430

REFERENCES
url:http://www.securityfocus.com/bid/19726
Trust: 1.7
url:http://archive.cert.uni-stuttgart.de/archive/bugtraq/2005/08/msg00200.html
Trust: 1.7
url:http://www.securityfocus.com/archive/1/444501/100/0/threaded
Trust: 1.7
url:http://www.cisco.com/en/us/products/ps6128/products_security_notice09186a00804fa82b.html
Trust: 1.7
url:http://www.cisco.com/en/us/products/ps6128/tsd_products_security_response09186a008071d609.html
Trust: 1.7
url:http://www.securityfocus.com/archive/1/408603/30/0/threaded
Trust: 1.1
url:http://www.securityfocus.com/archive/1/444424/100/0/threaded
Trust: 1.1
url:http://www.securityfocus.com/archive/1/444737/100/0/threaded
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4430
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4430
Trust: 0.8
url:http://www.securityfocus.com/archive/1/archive/1/444737/100/0/threaded
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/444424/100/0/threaded
Trust: 0.6
url:http://www.securityfocus.com/archive/1/archive/1/408603/30/0/threaded
Trust: 0.6
url:http://www.cisco.com/en/us/products/ps6128/index.html
Trust: 0.3
url:http://www.cisco.com/warp/public/707/cisco-sr-20060826-nac.shtml
Trust: 0.3
url:/archive/1/444424
Trust: 0.3
url:/archive/1/444501
Trust: 0.3
url:/archive/1/444737
Trust: 0.3
sources:
            
            
            VULHUB: VHN-20538 // 
            
            
            
            BID: 19726 // 
            
            
            
            JVNDB: JVNDB-2005-000895 // 
            
            
            
            CNNVD: CNNVD-200608-450 // 
            
            
            
            NVD: CVE-2006-4430

CREDITS
Andreas Gal http://www.andreasgal.com/ http://www.feise.com/
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200608-450

SOURCES
db:VULHUBid:VHN-20538
db:BIDid:19726
db:JVNDBid:JVNDB-2005-000895
db:CNNVDid:CNNVD-200608-450
db:NVDid:CVE-2006-4430

LAST UPDATE DATE
2024-08-14T15:45:33.796000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-20538date:2018-10-30T00:00:00
db:BIDid:19726date:2006-09-04T18:48:00
db:JVNDBid:JVNDB-2005-000895date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200608-450date:2006-09-05T00:00:00
db:NVDid:CVE-2006-4430date:2018-10-30T16:26:16.340

SOURCES RELEASE DATE
db:VULHUBid:VHN-20538date:2006-08-29T00:00:00
db:BIDid:19726date:2006-08-26T00:00:00
db:JVNDBid:JVNDB-2005-000895date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200608-450date:2006-08-28T00:00:00
db:NVDid:CVE-2006-4430date:2006-08-29T00:04:00