Details of VAR-200609-0399

ID

VAR-200609-0399

CVE

CVE-2006-4950

TITLE

Cisco products contain hard-coded SNMP values

Trust: 0.8

sources: CERT/CC: VU#123140

DESCRIPTION

Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables. Certain versions of the Cisco IOS software have a hard-coded SNMP read-write community string that cannot be changed by an administrator. This issue allows an attacker to gain unauthorized access to the device and may result in a complete compromise of the device. Cisco IOS is the operating system used by Cisco equipment. The default community strings are the result of inadvertently identifying these devices as supported Data over Cable Service Interface Specification (DOCSIS) compliant interfaces. ---------------------------------------------------------------------- Want to work within IT-Security? Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit. Currently the following type of positions are available: http://secunia.com/quality_assurance_analyst/ http://secunia.com/web_application_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: Cisco IOS DOCSIS Community String Vulnerability SECUNIA ADVISORY ID: SA21974 VERIFY ADVISORY: http://secunia.com/advisories/21974/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From local network OPERATING SYSTEM: Cisco IOS 12.x http://secunia.com/product/182/ Cisco IOS R12.x http://secunia.com/product/50/ DESCRIPTION: A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to compromise a vulnerable system. http://www.cisco.com/warp/public/707/cisco-sa-20060920-docsis.shtml PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060920-docsis.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.79

sources: NVD: CVE-2006-4950 // CERT/CC: VU#123140 // JVNDB: JVNDB-2006-000572 // BID: 20125 // VULHUB: VHN-21058 // PACKETSTORM: 50202

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	12.4	Trust: 2.1
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xg5	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xk	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(6d\)	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xg2	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xg4	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xh	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xe4	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)yd	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xg1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xk1	Trust: 1.6
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xx	Trust: 1.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(5a\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xd1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xf	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(1a\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xk4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)yg3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(1b\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)ja	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xm	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)yt1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(15b\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(10c\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)ja5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xa	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(12b\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)xc4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)yh	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(6a\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)ys	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(12e\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7.7\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)xa5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3jx	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)yq1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)t5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(5f\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xw	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)yf	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)t4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(2\)xb	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)yq4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yu	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(1\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)yf	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)xy5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)yf4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xq1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)jx	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)ym4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xk	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(16\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)t12	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)yk2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3bw	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)xl	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(5b\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)t11	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3ja	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xy	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)t8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(5\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(10e\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)xi4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)xc1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(9\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yr	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)ys1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yl	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)ya1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)yg	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xl	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xq	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(12\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)xy6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)xa4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)t2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(2\)t1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xd	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xr	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xt	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(3b\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)xc2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)yn	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xb	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3bc	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xj	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yb	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yc	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)t6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(2\)t2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xi	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)t4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)t3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(5c\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)yi	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)yu1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)t3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xg	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3ys	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)t10	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(13b\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xc	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(6f\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)yi3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)yq3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(13a\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)t4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yt	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(13\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)yt	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)t8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4xa	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)eo1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yi	Trust: 1.0
vendor:	cisco	model:	ios	scope:	lte	version:	12.3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)ja	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xn	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)t2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)yu	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)yf2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yq	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)yw	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3jk	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3j	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(10\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)xl3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(3a\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4mr	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yx	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)ja1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xd	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)t9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yg	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)ja1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(5e\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)ja1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3ym	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3tpc	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)yk1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(9a\)bc6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yn	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)t7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)ja	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)xe4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)xr3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(3h\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4xb	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(5a\)b2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xz	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)xi3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)yl	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)xr6	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(9a\)bc	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(13a\)bc	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xh	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(5a\)b5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(2\)mr1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xq	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)jk1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)yj	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)ja	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(4\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(9a\)bc7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(5\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(2\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)t9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)xu2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yw	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(2\)mr	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)t9	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)yf3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(13a\)bc1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3ye	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yk	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yh	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)t8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(9d\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(1c\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)yq	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)xy4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)t8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xv	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(14\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(9e\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3ya	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)t5	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yd	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)yg1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(3e\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)t	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)yg2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)yi1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)tpc11a	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(6e\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(10d\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xd2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(9a\)bc2	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)jk	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(15\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(3i\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)t4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)xr4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)yr	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.4\(2\)xa	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xs	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)xe3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(6\)	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)yk	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xe	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yf	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)t8	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)xk3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(5\)b1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(8\)t4	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(2\)xc3	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(5a\)b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(4\)t1	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xu	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3yj	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(7\)xi7	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.3\(11\)t	Trust: 1.0
vendor:	cisco	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	12.2	Trust: 0.8
vendor:	cisco	model:	ios	scope:	eq	version:	12.3	Trust: 0.8
vendor:	cisco	model:	vg224 analog phone gateway	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	mwr mobile wireless edge router	scope:	eq	version:	19410	Trust: 0.3
vendor:	cisco	model:	mwr mobile wireless edge router	scope:	eq	version:	19000	Trust: 0.3
vendor:	cisco	model:	ios 12.4t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4mr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ys	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ym	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2mc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	iad2432 integrated access device	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	iad2431 integrated access device	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	iad2430 integrated access device	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	ios 12.4 t	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 mr	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	12.4(3)	Trust: 0.3
vendor:	cisco	model:	ios 12.4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 t10	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 t11	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 t13	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yq8	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 ym8	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yg5	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 t6	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 mc2c	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	iad2424 integrated access device	scope:	ne	version:	0	Trust: 0.3
vendor:	cisco	model:	iad2423 integrated access device	scope:	ne	version:	0	Trust: 0.3
vendor:	cisco	model:	iad2421 integrated access device	scope:	ne	version:	0	Trust: 0.3
vendor:	cisco	model:	iad2420 integrated access device	scope:	ne	version:	0	Trust: 0.3

sources: CERT/CC: VU#123140 // BID: 20125 // JVNDB: JVNDB-2006-000572 // CNNVD: CNNVD-200609-401 // NVD: CVE-2006-4950

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2006-4950
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#123140
value:	7.27
Trust: 0.8
NVD:	CVE-2006-4950
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-200609-401
value:	CRITICAL
Trust: 0.6
VULHUB:	VHN-21058
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2006-4950
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-21058
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#123140 // VULHUB: VHN-21058 // JVNDB: JVNDB-2006-000572 // CNNVD: CNNVD-200609-401 // NVD: CVE-2006-4950

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-4950

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200609-401

TYPE

Design Error

Trust: 0.9

sources: BID: 20125 // CNNVD: CNNVD-200609-401

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-000572

PATCH

title:	cisco-sa-20060920-docsis	url:	http://www.cisco.com/warp/public/707/cisco-sa-20060920-docsis.shtml	Trust: 0.8
title:	cisco-sa-20060920-docsis	url:	http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20060920-docsis-j.shtml	Trust: 0.8

sources: JVNDB: JVNDB-2006-000572

EXTERNAL IDS

db:	BID	id:	20125	Trust: 2.8
db:	SECUNIA	id:	21974	Trust: 2.6
db:	CERT/CC	id:	VU#123140	Trust: 2.5
db:	NVD	id:	CVE-2006-4950	Trust: 2.5
db:	OSVDB	id:	29034	Trust: 1.7
db:	SECTRACK	id:	1016899	Trust: 1.7
db:	VUPEN	id:	ADV-2006-3722	Trust: 1.7
db:	JVNDB	id:	JVNDB-2006-000572	Trust: 0.8
db:	CNNVD	id:	CNNVD-200609-401	Trust: 0.7
db:	CISCO	id:	20060920 DOCSIS READ-WRITE COMMUNITY STRING ENABLED IN NON-DOCSIS PLATFORMS	Trust: 0.6
db:	OVAL	id:	OVAL:ORG.MITRE.OVAL:DEF:5665	Trust: 0.6
db:	XF	id:	29054	Trust: 0.6
db:	VULHUB	id:	VHN-21058	Trust: 0.1
db:	PACKETSTORM	id:	50202	Trust: 0.1

sources: CERT/CC: VU#123140 // VULHUB: VHN-21058 // BID: 20125 // JVNDB: JVNDB-2006-000572 // PACKETSTORM: 50202 // CNNVD: CNNVD-200609-401 // NVD: CVE-2006-4950

REFERENCES

url:	http://www.cisco.com/warp/public/707/cisco-sa-20060920-docsis.shtml	Trust: 2.6
url:	http://www.securityfocus.com/bid/20125	Trust: 2.5
url:	http://www.kb.cert.org/vuls/id/123140	Trust: 1.7
url:	http://www.osvdb.org/29034	Trust: 1.7
url:	http://securitytracker.com/id?1016899	Trust: 1.7
url:	http://secunia.com/advisories/21974	Trust: 1.7
url:	http://www.frsirt.com/english/advisories/2006/3722	Trust: 1.4
url:	https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5665	Trust: 1.1
url:	http://www.vupen.com/english/advisories/2006/3722	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/29054	Trust: 1.1
url:	http://secunia.com/advisories/21974/	Trust: 0.9
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4950	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2006-4950	Trust: 0.8
url:	http://xforce.iss.net/xforce/xfdb/29054	Trust: 0.6
url:	http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5665	Trust: 0.6
url:	http://www.cisco.com/en/us/products/sw/iosswrel/products_ios_cisco_ios_software_category_home.html	Trust: 0.3
url:	http://www.cisco.com/en/us/products/sw/iosswrel/ps1838/products_feature_guide09186a008052446b.html	Trust: 0.3
url:	/archive/1/446499	Trust: 0.3
url:	http://secunia.com/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/product/50/	Trust: 0.1
url:	http://secunia.com/about_secunia_advisories/	Trust: 0.1
url:	http://secunia.com/quality_assurance_analyst/	Trust: 0.1
url:	http://secunia.com/hardcore_disassembler_and_reverse_engineer/	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/web_application_security_specialist/	Trust: 0.1
url:	http://secunia.com/product/182/	Trust: 0.1

sources: CERT/CC: VU#123140 // VULHUB: VHN-21058 // BID: 20125 // JVNDB: JVNDB-2006-000572 // PACKETSTORM: 50202 // CNNVD: CNNVD-200609-401 // NVD: CVE-2006-4950

CREDITS

Cisco Security bulletin

Trust: 0.6

sources: CNNVD: CNNVD-200609-401

SOURCES

db:	CERT/CC	id:	VU#123140
db:	VULHUB	id:	VHN-21058
db:	BID	id:	20125
db:	JVNDB	id:	JVNDB-2006-000572
db:	PACKETSTORM	id:	50202
db:	CNNVD	id:	CNNVD-200609-401
db:	NVD	id:	CVE-2006-4950

LAST UPDATE DATE

2024-08-14T14:47:53.482000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#123140	date:	2006-10-13T00:00:00
db:	VULHUB	id:	VHN-21058	date:	2017-10-11T00:00:00
db:	BID	id:	20125	date:	2006-09-21T19:21:00
db:	JVNDB	id:	JVNDB-2006-000572	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200609-401	date:	2009-03-04T00:00:00
db:	NVD	id:	CVE-2006-4950	date:	2017-10-11T01:31:17.423

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#123140	date:	2006-10-13T00:00:00
db:	VULHUB	id:	VHN-21058	date:	2006-09-23T00:00:00
db:	BID	id:	20125	date:	2006-09-20T00:00:00
db:	JVNDB	id:	JVNDB-2006-000572	date:	2007-04-01T00:00:00
db:	PACKETSTORM	id:	50202	date:	2006-09-21T23:56:25
db:	CNNVD	id:	CNNVD-200609-401	date:	2006-09-23T00:00:00
db:	NVD	id:	CVE-2006-4950	date:	2006-09-23T10:07:00