HTTP Access Restriction Bypass in Cisco PIX/ASA and FWSM Products
CVE-2006-0515

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; Pix Firewall; Firewall Services Module; Pix Firewall Software
Vendor: CVE Published:; 9 May 2006

Summary

Cisco PIX/ASA and FWSM products face a vulnerability where remote attackers can circumvent HTTP access restrictions when used alongside Websense/N2H2. By manipulating the GET method of an HTTP request into multiple packets, the request may avoid inspection by Websense, thereby bypassing security filters designed to monitor and restrict web traffic. This presents significant risks for organizations relying on these devices for network security, allowing potentially malicious content to pass through unchecked.

References

http://lists.grok.org.uk/pipermail/full-disclosure/2006-M...

mailing-listx_refsource_FULLDISC

http://www.osvdb.org/25453

vdb-entryx_refsource_OSVDB

http://www.vsecurity.com/bulletins/advisories/2006/cisco-...

x_refsource_MISC

Timeline

Vulnerability published
May 9, 2006
Vulnerability Reserved
Feb 2, 2006