CVE-2006-4312

Currently unrated

Key Information:

Vendor: Cisco
Status: Pix Firewall 501; Pix Firewall 515; Pix Firewall 525; Pix Firewall 520
Vendor: CVE Published:; 23 August 2006

Summary

Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access.

References

http://www.vupen.com/english/advisories/2006/3367

vdb-entryx_refsource_VUPEN

http://securitytracker.com/id?1016740

vdb-entryx_refsource_SECTRACK

http://www.cisco.com/warp/public/707/cisco-sa-20060823-fi...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Aug 23, 2006
Vulnerability Reserved
Aug 23, 2006