Network Admission Control Vulnerability in Cisco Clean Access Agent
CVE-2006-4430

Currently unrated

Key Information:

Vendor

Cisco
Status
Network Admission Control
Network Admission Control Manager And Server System Software
Vendor
CVE Published:
29 August 2006

What is CVE-2006-4430?

Certain versions of Cisco Network Admission Control (NAC) permit remote attackers to interfere with the installation of the Cisco Clean Access (CCA) Agent. By altering the HTTP User-Agent header or manipulating the TCP/IP stack behavior, an attacker can potentially bypass protective mechanisms that restrict unauthorized access. Although Cisco has disputed the impact of this issue, users should be aware of potential vulnerabilities in their systems.

References

http://archive.cert.uni-stuttgart.de/archive/bugtraq/2005...
mailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/bid/19726
vdb-entryx_refsource_BID
http://www.securityfocus.com/archive/1/444737/100/0/threaded
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2006-4430 : Network Admission Control Vulnerability in Cisco Clean Access Agent