Sign-up

ID

VAR-200611-0033


CVE

CVE-2006-5660


TITLE

Cisco Security Agent Management Center Authentication Bypass Vulnerability

Trust: 0.9

sources: BID: 20852 // CNNVD: CNNVD-200611-016

DESCRIPTION

Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server. Exploiting this issue allows remote attackers to gain administrative access to the web-based administrative interface of the affected application. This issue affects Cisco Security Agent Management Center 5.1 prior to 5.1.0.79. This issue is being tracked by Cisco Bug ID CSCsg40822. Cisco Security Agent (CSA) provides threat protection for server and desktop computing systems. There is a loophole in CSA processing LDAP authentication, and remote attackers may use this loophole to obtain unauthorized management rights. If the administrator has the configuration or deployment role, it is possible to change the policies of the managed CSA clients. This can lead to a reduction in the security posture of the managed system and an attack on the managed system. ---------------------------------------------------------------------- To improve our services to our customers, we have made a number of additions to the Secunia Advisories and have started translating the advisories to German. The improvements will help our customers to get a better understanding of how we reached our conclusions, how it was rated, our thoughts on exploitation, attack vectors, and scenarios. The vulnerability is reported in version 5.1 prior to Hotfix 5.1.0.79. SOLUTION: Apply Hotfix 5.1.0.79 PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/en/US/products/products_security_advisory09186a00807726f7.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.79

sources: NVD: CVE-2006-5660 // CERT/CC: VU#778648 // JVNDB: JVNDB-2006-001470 // BID: 20852 // VULHUB: VHN-21768 // PACKETSTORM: 51576

AFFECTED PRODUCTS

vendor:ciscomodel:security agent management centerscope:eqversion:5.1

Trust: 1.9

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel:security agent management centerscope:eqversion:5.1.0.79

Trust: 0.8

vendor:ciscomodel:security agent management centerscope:ltversion:5.1

Trust: 0.8

vendor:ciscomodel:security agent management centerscope:neversion:5.1.79

Trust: 0.3

sources: CERT/CC: VU#778648 // BID: 20852 // JVNDB: JVNDB-2006-001470 // CNNVD: CNNVD-200611-016 // NVD: CVE-2006-5660

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-5660
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#778648
value: 18.43

Trust: 0.8

NVD: CVE-2006-5660
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200611-016
value: HIGH

Trust: 0.6

VULHUB: VHN-21768
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2006-5660
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-21768
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#778648 // VULHUB: VHN-21768 // JVNDB: JVNDB-2006-001470 // CNNVD: CNNVD-200611-016 // NVD: CVE-2006-5660

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2006-5660

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200611-016

TYPE

access verification error

Trust: 0.6

sources: CNNVD: CNNVD-200611-016

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2006-001470

PATCH
title:cisco-sa-20061101-csamcurl:http://www.cisco.com/en/US/products/csa/cisco-sa-20061101-csamc.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2006-001470

EXTERNAL IDS
db:CERT/CCid:VU#778648
Trust: 3.3
db:SECUNIAid:22684
Trust: 2.6
db:NVDid:CVE-2006-5660
Trust: 2.5
db:BIDid:20852
Trust: 2.0
db:SECTRACKid:1017148
Trust: 1.7
db:OSVDBid:30169
Trust: 1.7
db:VUPENid:ADV-2006-4308
Trust: 1.7
db:JVNDBid:JVNDB-2006-001470
Trust: 0.8
db:CNNVDid:CNNVD-200611-016
Trust: 0.7
db:XFid:29955
Trust: 0.6
db:CISCOid:20061101 CISCO SECURITY AGENT MANAGEMENT CENTER LDAP ADMINISTRATOR AUTHENTICATION BYPASS
Trust: 0.6
db:VULHUBid:VHN-21768
Trust: 0.1
db:PACKETSTORMid:51576
Trust: 0.1
sources:
            
            
            CERT/CC: VU#778648 // 
            
            
            
            VULHUB: VHN-21768 // 
            
            
            
            BID: 20852 // 
            
            
            
            JVNDB: JVNDB-2006-001470 // 
            
            
            
            PACKETSTORM: 51576 // 
            
            
            
            CNNVD: CNNVD-200611-016 // 
            
            
            
            NVD: CVE-2006-5660

REFERENCES
url:http://www.kb.cert.org/vuls/id/778648
Trust: 2.5
url:http://www.cisco.com/en/us/products/products_security_advisory09186a00807726f7.shtml
Trust: 1.8
url:http://www.securityfocus.com/bid/20852
Trust: 1.7
url:http://www.osvdb.org/30169
Trust: 1.7
url:http://securitytracker.com/id?1017148
Trust: 1.7
url:http://secunia.com/advisories/22684
Trust: 1.7
url:http://www.cisco.com/warp/public/707/cisco-sa-20061101-csamc.shtml
Trust: 1.1
url:http://www.vupen.com/english/advisories/2006/4308
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/29955
Trust: 1.1
url:http://secunia.com/advisories/22684/
Trust: 0.9
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5660
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5660
Trust: 0.8
url:http://xforce.iss.net/xforce/xfdb/29955
Trust: 0.6
url:http://www.frsirt.com/english/advisories/2006/4308
Trust: 0.6
url:http://www.cisco.com/en/us/products/sw/secursw/ps5057/index.html
Trust: 0.3
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://corporate.secunia.com/products/48/?r=l
Trust: 0.1
url:http://secunia.com/product/12423/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://corporate.secunia.com/how_to_buy/15/?r=l
Trust: 0.1
sources:
            
            
            CERT/CC: VU#778648 // 
            
            
            
            VULHUB: VHN-21768 // 
            
            
            
            BID: 20852 // 
            
            
            
            JVNDB: JVNDB-2006-001470 // 
            
            
            
            PACKETSTORM: 51576 // 
            
            
            
            CNNVD: CNNVD-200611-016 // 
            
            
            
            NVD: CVE-2006-5660

CREDITS
Cisco Security bulletin
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200611-016

SOURCES
db:CERT/CCid:VU#778648
db:VULHUBid:VHN-21768
db:BIDid:20852
db:JVNDBid:JVNDB-2006-001470
db:PACKETSTORMid:51576
db:CNNVDid:CNNVD-200611-016
db:NVDid:CVE-2006-5660

LAST UPDATE DATE
2024-08-14T13:39:33.445000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#778648date:2007-01-05T00:00:00
db:VULHUBid:VHN-21768date:2017-07-20T00:00:00
db:BIDid:20852date:2006-11-02T17:02:00
db:JVNDBid:JVNDB-2006-001470date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200611-016date:2006-11-06T00:00:00
db:NVDid:CVE-2006-5660date:2017-07-20T01:33:53.557

SOURCES RELEASE DATE
db:CERT/CCid:VU#778648date:2006-12-11T00:00:00
db:VULHUBid:VHN-21768date:2006-11-03T00:00:00
db:BIDid:20852date:2006-11-01T00:00:00
db:JVNDBid:JVNDB-2006-001470date:2012-06-26T00:00:00
db:PACKETSTORMid:51576date:2006-11-02T15:01:38
db:CNNVDid:CNNVD-200611-016date:2006-11-02T00:00:00
db:NVDid:CVE-2006-5660date:2006-11-03T00:07:00