CVE-2006-4430

Currently unrated

Key Information:

Vendor: Cisco
Status: Network Admission Control; Network Admission Control Manager And Server System Software
Vendor: CVE Published:; 29 August 2006

Summary

The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms.

References

http://archive.cert.uni-stuttgart.de/archive/bugtraq/2005...

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/19726

vdb-entryx_refsource_BID

http://www.securityfocus.com/archive/1/444737/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Aug 29, 2006
Vulnerability Reserved
Aug 28, 2006