CVE-2006-0515

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; Pix Firewall; Firewall Services Module; Pix Firewall Software
Vendor: CVE Published:; 9 May 2006

Summary

Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734.

References

http://lists.grok.org.uk/pipermail/full-disclosure/2006-M...

mailing-listx_refsource_FULLDISC

http://www.osvdb.org/25453

vdb-entryx_refsource_OSVDB

http://www.vsecurity.com/bulletins/advisories/2006/cisco-...

x_refsource_MISC

Timeline

Vulnerability published
May 9, 2006
Vulnerability Reserved
Feb 2, 2006