var-200605-0001
Vulnerability from variot
Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry with insecure permissions, which allows local users and remote administrators to decrypt the passwords by using Microsoft's cryptographic API functions to obtain the plaintext version of the master key. Cisco Secure ACS is susceptible to an insecure password-storage vulnerability. This issue is due to a failure of the application to properly secure sensitive password information. This issue allows attackers to gain access to encrypted passwords and to the key used to encrypt them. This allows them to obtain the plaintext passwords, aiding them in attacking other services that depend on the ACS server for authentication. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Symantec Vulnerability Research
https://www.symantec.com/research
Security Advisory
Advisory ID : SYMSA-2006-003 Advisory Title: Cisco Secure ACS for Windows - Administrator Password Disclosure Author : Andreas Junestam Release Date : 05-08-2006 Application : Cisco Secure ACS 3.x for Windows Platform : Microsoft Windows Severity : System access / exploit available Vendor status : Vendor verified, workaround available CVE Number : CVE-2006-0561 Reference : http://www.securityfocus.com/bid/16743
Overview:
Cisco Secure ACS is a central administration platform for
Cisco network devices. It controls authentication and
authorization for enrolled devices. Administrative
passwords for locally-defined users are stored in such a
way they can be obtained from the Windows registry. If
remote registry access is enabled, this can be done over
the network. The passwords are
encrypted using the Crypto API Microsoft Base Cryptographic
Provider v1.0. This information
can easily be obtained locally by a Windows administrator,
and if remote registry access is enabled, it can be
obtained over the network. With this, the clear-text
passwords can be recovered by decrypting the information
in the registry with the supplied key. A locally generated master key is used to
encrypt/decrypt the ACS administrator passwords. The master
key is also stored in the Windows registry in an encrypted
format. One feature of Windows
operating systems is the ability to modify the permissions
of a registry key to remove access even for local or
domain administrators.
The following registry key and all of its sub-keys need to
be protected.
HKEY_LOCAL_MACHINE\SOFTWARE\Cisco\CiscoAAAv3.3\CSAdmin\Administrators
Note: The "CiscoAAAv3.3" portion of the registry key path
may differ slightly depending on the version of Cisco Secure
ACS for Windows that is installed. The Windows users that need permissions to the registry
key will depend on the deployment type.
For information about editing the Windows registry, please
consult the following Microsoft documentation. For information on
restricting remote registry access, please consult the
following Microsoft documentation.
"How to restrict access to the registry from a remote computer"
http://support.microsoft.com/kb/q153183
"How to Manage Remote Access to the Registry"
http://support.microsoft.com/kb/q314837
Recommendation:
Follow your organization's testing procedures before
applying patches or workarounds. See Cisco's instructions
on how to place an ACL on the Registry Key, and also how
to restrict remote access to the Windows registry.
These recommendations do not eliminate the vulnerability,
but provide some mitigation.
Common Vulnerabilities and Exposures (CVE) Information:
The Common Vulnerabilities and Exposures (CVE) project has assigned the following names to these issues. These are candidates for inclusion in the CVE list (http://cve.mitre.org), which standardizes names for security problems.
CVE-2006-0561
- -------Symantec Vulnerability Research Advisory Information-------
For questions about this advisory, or to report an error: research@symantec.com
For details on Symantec's Vulnerability Reporting Policy: http://www.symantec.com/research/Symantec-Responsible-Disclosure.pdf
Symantec Vulnerability Research Advisory Archive: http://www.symantec.com/research/
Symantec Vulnerability Research PGP Key: http://www.symantec.com/research/Symantec_Vulnerability_Research_PGP.asc
- -------------Symantec Product Advisory Information-------------
To Report a Security Vulnerability in a Symantec Product: secure@symantec.com
For general information on Symantec's Product Vulnerability reporting and response: http://www.symantec.com/security/
Symantec Product Advisory Archive: http://www.symantec.com/avcenter/security/SymantecAdvisories.html
Symantec Product Advisory PGP Key: http://www.symantec.com/security/Symantec-Vulnerability-Management-Key.asc
Copyright (c) 2006 by Symantec Corp. Permission to redistribute this alert electronically is granted as long as it is not edited in any way unless authorized by Symantec Consulting Services. Reprinting the whole or part of this alert in any medium other than electronically requires permission from cs_advisories@symantec.com.
Disclaimer The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.
Symantec, Symantec products, and Symantec Consulting Services are registered trademarks of Symantec Corp. and/or affiliated companies in the United States and other countries. All other registered and unregistered trademarks represented in this document are the sole property of their respective companies/owners. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEXR5muk7IIFI45IARArK+AJwOzswbkJN2WirzNweklR+iBBHpsQCgyNOe vKVo3Si7ycswRs/2kiA997I= =dkX3 -----END PGP SIGNATURE-----
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200605-0001",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "3.x (windows)"
},
{
"model": "secure acs for windows server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.3"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3(1)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.2"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2.1"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(3)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(2)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1.20)"
},
{
"model": "secure access control server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.2(1)"
},
{
"model": "secure access control server",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure acs solution engine",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "secure access control server",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "16743"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003863"
},
{
"db": "NVD",
"id": "CVE-2006-0561"
},
{
"db": "CNNVD",
"id": "CNNVD-200605-133"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_access_control_server:3.0:*:windows_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_access_control_server:3.1.1:*:windows_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_access_control_server:3.1:*:windows_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_access_control_server:3.2:*:windows_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_access_control_server:3.0.1:*:windows_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_access_control_server:3.0.3:*:windows_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_access_control_server:3.2:*:windows_server:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:secure_access_control_server:3.3:*:windows_nt:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0561"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Andreas Junestam andreas@atstake.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200605-133"
}
],
"trust": 0.6
},
"cve": "CVE-2006-0561",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Local",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 7.2,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2006-0561",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.9,
"id": "VHN-16669",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-0561",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200605-133",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-16669",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16669"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003863"
},
{
"db": "NVD",
"id": "CVE-2006-0561"
},
{
"db": "CNNVD",
"id": "CNNVD-200605-133"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry with insecure permissions, which allows local users and remote administrators to decrypt the passwords by using Microsoft\u0027s cryptographic API functions to obtain the plaintext version of the master key. Cisco Secure ACS is susceptible to an insecure password-storage vulnerability. This issue is due to a failure of the application to properly secure sensitive password information. \nThis issue allows attackers to gain access to encrypted passwords and to the key used to encrypt them. This allows them to obtain the plaintext passwords, aiding them in attacking other services that depend on the ACS server for authentication. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n\n\n Symantec Vulnerability Research \n https://www.symantec.com/research\n Security Advisory\n\nAdvisory ID : SYMSA-2006-003\nAdvisory Title: Cisco Secure ACS for Windows - Administrator \n Password Disclosure\nAuthor : Andreas Junestam\nRelease Date : 05-08-2006\nApplication : Cisco Secure ACS 3.x for Windows\nPlatform : Microsoft Windows\nSeverity : System access / exploit available \nVendor status : Vendor verified, workaround available\nCVE Number : CVE-2006-0561\nReference : http://www.securityfocus.com/bid/16743\n\n\nOverview: \n\n\tCisco Secure ACS is a central administration platform for \n\tCisco network devices. It controls authentication and \n\tauthorization for enrolled devices. Administrative \n\tpasswords for locally-defined users are stored in such a \n\tway they can be obtained from the Windows registry. If \n\tremote registry access is enabled, this can be done over \n\tthe network. The passwords are \n\tencrypted using the Crypto API Microsoft Base Cryptographic \n\tProvider v1.0. This information \n\tcan easily be obtained locally by a Windows administrator, \n\tand if remote registry access is enabled, it can be \n\tobtained over the network. With this, the clear-text \n\tpasswords can be recovered by decrypting the information \n\tin the registry with the supplied key. A locally generated master key is used to \n\tencrypt/decrypt the ACS administrator passwords. The master\n\tkey is also stored in the Windows registry in an encrypted \n\tformat. One feature of Windows \n\toperating systems is the ability to modify the permissions \n\tof a registry key to remove access even for local or \n\tdomain administrators. \n\n\tThe following registry key and all of its sub-keys need to \n\tbe protected. \n\nHKEY_LOCAL_MACHINE\\SOFTWARE\\Cisco\\CiscoAAAv3.3\\CSAdmin\\Administrators\n\n\tNote: The \"CiscoAAAv3.3\" portion of the registry key path\n\tmay differ slightly depending on the version of Cisco Secure\n\tACS for Windows that is installed. The Windows users that need permissions to the registry\n\tkey will depend on the deployment type. \n\n\tFor information about editing the Windows registry, please \n\tconsult the following Microsoft documentation. For information on\n\trestricting remote registry access, please consult the\n\tfollowing Microsoft documentation. \n\n\t\"How to restrict access to the registry from a remote computer\"\n\n\thttp://support.microsoft.com/kb/q153183\n\n\t\"How to Manage Remote Access to the Registry\"\n\n\thttp://support.microsoft.com/kb/q314837\n\t\nRecommendation:\n\t\n\tFollow your organization\u0027s testing procedures before \n\tapplying patches or workarounds. See Cisco\u0027s instructions\n\ton how to place an ACL on the Registry Key, and also how \n\tto restrict remote access to the Windows registry. \n\n\tThese recommendations do not eliminate the vulnerability, \n\tbut provide some mitigation. \n\n\nCommon Vulnerabilities and Exposures (CVE) Information:\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned \nthe following names to these issues. These are candidates for \ninclusion in the CVE list (http://cve.mitre.org), which standardizes \nnames for security problems. \n\n\n\tCVE-2006-0561\n\n- -------Symantec Vulnerability Research Advisory Information-------\n\nFor questions about this advisory, or to report an error:\nresearch@symantec.com\n\nFor details on Symantec\u0027s Vulnerability Reporting Policy: \nhttp://www.symantec.com/research/Symantec-Responsible-Disclosure.pdf\n\nSymantec Vulnerability Research Advisory Archive: \nhttp://www.symantec.com/research/ \n\nSymantec Vulnerability Research PGP Key:\nhttp://www.symantec.com/research/Symantec_Vulnerability_Research_PGP.asc\n\n- -------------Symantec Product Advisory Information-------------\n\nTo Report a Security Vulnerability in a Symantec Product:\nsecure@symantec.com \n\nFor general information on Symantec\u0027s Product Vulnerability \nreporting and response:\nhttp://www.symantec.com/security/\n\nSymantec Product Advisory Archive: \nhttp://www.symantec.com/avcenter/security/SymantecAdvisories.html\n\nSymantec Product Advisory PGP Key:\nhttp://www.symantec.com/security/Symantec-Vulnerability-Management-Key.asc\n\n- ---------------------------------------------------------------\n\nCopyright (c) 2006 by Symantec Corp. \nPermission to redistribute this alert electronically is granted \nas long as it is not edited in any way unless authorized by \nSymantec Consulting Services. Reprinting the whole or part of \nthis alert in any medium other than electronically requires \npermission from cs_advisories@symantec.com. \n\nDisclaimer\nThe information in the advisory is believed to be accurate at the \ntime of publishing based on currently available information. Use \nof the information constitutes acceptance for use in an AS IS \ncondition. There are no warranties with regard to this information. \nNeither the author nor the publisher accepts any liability for any \ndirect, indirect, or consequential loss or damage arising from use \nof, or reliance on, this information. \n\nSymantec, Symantec products, and Symantec Consulting Services are \nregistered trademarks of Symantec Corp. and/or affiliated companies \nin the United States and other countries. All other registered and \nunregistered trademarks represented in this document are the sole \nproperty of their respective companies/owners. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.2.2 (GNU/Linux)\n\niD8DBQFEXR5muk7IIFI45IARArK+AJwOzswbkJN2WirzNweklR+iBBHpsQCgyNOe\nvKVo3Si7ycswRs/2kiA997I=\n=dkX3\n-----END PGP SIGNATURE-----\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0561"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003863"
},
{
"db": "BID",
"id": "16743"
},
{
"db": "VULHUB",
"id": "VHN-16669"
},
{
"db": "PACKETSTORM",
"id": "46315"
}
],
"trust": 2.07
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-16669",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16669"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2006-0561",
"trust": 2.9
},
{
"db": "BID",
"id": "16743",
"trust": 2.1
},
{
"db": "SECTRACK",
"id": "1016042",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "25892",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-1741",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003863",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200605-133",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20060508 RESPONSE TO SYMANTEC SYMSA-2006-003 CISCO SECURE ACS FOR WINDOWS - ADMINISTRATOR PASSWORD DISCLOSURE",
"trust": 0.6
},
{
"db": "XF",
"id": "26307",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060508 RE: SYMSA-2006-003: CISCO SECURE ACS FOR WINDOWS - ADMINISTRATOR PASSWORD DISCLOSURE",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20060508 SYMSA-2006-003: CISCO SECURE ACS FOR WINDOWS - ADMINISTRATOR PASSWORD DISCLOSURE",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "46315",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-16669",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16669"
},
{
"db": "BID",
"id": "16743"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003863"
},
{
"db": "PACKETSTORM",
"id": "46315"
},
{
"db": "NVD",
"id": "CVE-2006-0561"
},
{
"db": "CNNVD",
"id": "CNNVD-200605-133"
}
]
},
"id": "VAR-200605-0001",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-16669"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:02:42.865000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYMSA-2006-003.txt",
"trust": 0.8,
"url": "http://www.symantec.com/enterprise/research/symsa-2006-003.txt"
},
{
"title": "16743",
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/16743"
},
{
"title": "threaded",
"trust": 0.8,
"url": "http://www.securityfocus.com/archive/1/433301/100/0/threaded"
},
{
"title": "cisco-sr-20060508-acs.shtml",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20060508-acs.shtml"
},
{
"title": "id?1016042",
"trust": 0.8,
"url": "http://securitytracker.com/id?1016042"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-003863"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-0561"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/16743"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/433301/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/433286/100/0/threaded"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/warp/public/707/cisco-sr-20060508-acs.shtml"
},
{
"trust": 1.7,
"url": "http://www.symantec.com/enterprise/research/symsa-2006-003.txt"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/25892"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1016042"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2006/1741"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26307"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-0561"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-0561"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/1741"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/26307"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/secursw/ps2086/index.html"
},
{
"trust": 0.3,
"url": "/archive/1/433301"
},
{
"trust": 0.3,
"url": "/archive/1/433679"
},
{
"trust": 0.3,
"url": "/archive/1/433286"
},
{
"trust": 0.1,
"url": "https://www.symantec.com/research"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org),"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/research/symantec-responsible-disclosure.pdf"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/research/"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/default.aspx?scid=kb;en-us;256986"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/research/symantec_vulnerability_research_pgp.asc"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/avcenter/security/symantecadvisories.html"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/q153183"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-0561"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/security/"
},
{
"trust": 0.1,
"url": "http://www.symantec.com/security/symantec-vulnerability-management-key.asc"
},
{
"trust": 0.1,
"url": "http://support.microsoft.com/kb/q314837"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-16669"
},
{
"db": "BID",
"id": "16743"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003863"
},
{
"db": "PACKETSTORM",
"id": "46315"
},
{
"db": "NVD",
"id": "CVE-2006-0561"
},
{
"db": "CNNVD",
"id": "CNNVD-200605-133"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-16669"
},
{
"db": "BID",
"id": "16743"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-003863"
},
{
"db": "PACKETSTORM",
"id": "46315"
},
{
"db": "NVD",
"id": "CVE-2006-0561"
},
{
"db": "CNNVD",
"id": "CNNVD-200605-133"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-05-10T00:00:00",
"db": "VULHUB",
"id": "VHN-16669"
},
{
"date": "2006-05-08T00:00:00",
"db": "BID",
"id": "16743"
},
{
"date": "2014-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003863"
},
{
"date": "2006-05-17T06:59:28",
"db": "PACKETSTORM",
"id": "46315"
},
{
"date": "2006-05-10T02:14:00",
"db": "NVD",
"id": "CVE-2006-0561"
},
{
"date": "2006-05-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200605-133"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-07-20T00:00:00",
"db": "VULHUB",
"id": "VHN-16669"
},
{
"date": "2006-05-15T19:54:00",
"db": "BID",
"id": "16743"
},
{
"date": "2014-03-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-003863"
},
{
"date": "2017-07-20T01:29:52.737000",
"db": "NVD",
"id": "CVE-2006-0561"
},
{
"date": "2006-05-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200605-133"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200605-133"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Windows for Cisco Secure Access Control Server Password cracking vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-003863"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "16743"
},
{
"db": "CNNVD",
"id": "CNNVD-200605-133"
}
],
"trust": 0.9
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.