var-200609-0398
Vulnerability from variot
The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet. Cisco IPS systems may fail to check specially-crafted IP packets that are fragmented. The web administration interface of Cisco Intrusion Prevention System and Intrusion Detection System devices fails to properly handle certain Secure Socket Layer packets. This vulnerability may cause a denial of service. Cisco Intrusion Prevention and Intrusion Detection Systems are prone to an inspection-bypass vulnerability. An attacker can exploit this issue to bypass the inspection mechanism. This may allow attackers to covertly attack presumably protected systems. This issue is being tracked by Cisco bug IDs CSCse17206 and CSCsf12379. An attacker can exploit this issue to cause the interface to become unresponsive, effectively denying administrative access to devices. Remote attackers may use this vulnerability to cause the management port to fail. This can be exploited to bypass the Intrusion Prevention System to e.g.
Want to work within IT-Security?
Secunia is expanding its team of highly skilled security experts. We will help with relocation and obtaining a work permit.
The vulnerability is caused due to an error within the processing of SSL v2 client Hello packets. This can be exploited to cause a DoS by sending a specially crafted Hello packet to a vulnerable system.
Successful exploitation can cause the mainApp process to fail, stopping a system from responding to remote management request sent to the web administration interface or the command-line interface via SSH, sending SMTP traps, and automatically updating ACLs (Access Control Lists) on remote firewall systems.
The vulnerability affects the following products: - Cisco IDS 4.1(x) software prior to 4.1(5c) - Cisco IPS 5.0(x) software prior to 5.0(6p1) - Cisco IPS 5.1(x) software prior to 5.1(2)
SOLUTION: Apply updated software.
Cisco IDS 4.1(5b) and earlier: Update to Cisco IDS 4.1(5c)
Cisco IPS 5.0(6p1) and earlier: Update to Cisco IPS 5.0(6p2)
Cisco IPS 5.1(1) and earlier: Update to Cisco IPS 5.1(2)
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml
OTHER REFERENCES: US-CERT VU#658884: http://www.kb.cert.org/vuls/id/658884
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200609-0398",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "intrusion prevention system 5.1",
"scope": null,
"trust": 3.0,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 1.6,
"vendor": "cisco",
"version": null
},
{
"model": "ids sensor software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "4.1\\(5b\\)"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.0\\(6\\)p1"
},
{
"model": "ips sensor software",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "5.1\\(1\\)"
},
{
"model": "intrusion prevention system software",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "5.0(6p1)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.1(1)"
},
{
"model": "intrusion prevention system 5.0",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.1"
},
{
"model": "intrusion prevention system",
"scope": "ne",
"trust": 0.6,
"vendor": "cisco",
"version": "5.1(2)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0(3)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0(2)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.1\\(1\\)"
},
{
"model": "ids",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "4.1\\(5b\\)"
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "5.0\\(6\\)p1"
},
{
"model": "intrusion prevention system 5.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intrusion prevention system",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.x"
},
{
"model": "intrusion detection system 4.1",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"model": "intrusion detection system 4.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#658884"
},
{
"db": "CERT/CC",
"id": "VU#642076"
},
{
"db": "BID",
"id": "20127"
},
{
"db": "BID",
"id": "20124"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001291"
},
{
"db": "NVD",
"id": "CVE-2006-4910"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-363"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.1\\(1\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ids_sensor_software:4.1\\(5b\\):*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:cisco:ips_sensor_software:5.0\\(6\\)p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4910"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "20127"
},
{
"db": "BID",
"id": "20124"
}
],
"trust": 0.6
},
"cve": "CVE-2006-4910",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2006-4910",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-21018",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2006-4910",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#658884",
"trust": 0.8,
"value": "4.59"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#642076",
"trust": 0.8,
"value": "3.66"
},
{
"author": "CNNVD",
"id": "CNNVD-200609-363",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-21018",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2006-4910",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#658884"
},
{
"db": "CERT/CC",
"id": "VU#642076"
},
{
"db": "VULHUB",
"id": "VHN-21018"
},
{
"db": "VULMON",
"id": "CVE-2006-4910"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001291"
},
{
"db": "NVD",
"id": "CVE-2006-4910"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-363"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet. Cisco IPS systems may fail to check specially-crafted IP packets that are fragmented. The web administration interface of Cisco Intrusion Prevention System and Intrusion Detection System devices fails to properly handle certain Secure Socket Layer packets. This vulnerability may cause a denial of service. Cisco Intrusion Prevention and Intrusion Detection Systems are prone to an inspection-bypass vulnerability. \nAn attacker can exploit this issue to bypass the inspection mechanism. This may allow attackers to covertly attack presumably protected systems. \nThis issue is being tracked by Cisco bug IDs CSCse17206 and CSCsf12379. \nAn attacker can exploit this issue to cause the interface to become unresponsive, effectively denying administrative access to devices. Remote attackers may use this vulnerability to cause the management port to fail. This can be exploited to bypass the Intrusion\nPrevention System to e.g. \n\n----------------------------------------------------------------------\n\nWant to work within IT-Security?\n\nSecunia is expanding its team of highly skilled security experts. \nWe will help with relocation and obtaining a work permit. \n\nThe vulnerability is caused due to an error within the processing of\nSSL v2 client Hello packets. This can be exploited to cause a DoS by\nsending a specially crafted Hello packet to a vulnerable system. \n\nSuccessful exploitation can cause the mainApp process to fail,\nstopping a system from responding to remote management request sent\nto the web administration interface or the command-line interface via\nSSH, sending SMTP traps, and automatically updating ACLs (Access\nControl Lists) on remote firewall systems. \n\nThe vulnerability affects the following products:\n- Cisco IDS 4.1(x) software prior to 4.1(5c)\n- Cisco IPS 5.0(x) software prior to 5.0(6p1)\n- Cisco IPS 5.1(x) software prior to 5.1(2)\n\nSOLUTION:\nApply updated software. \n\nCisco IDS 4.1(5b) and earlier:\nUpdate to Cisco IDS 4.1(5c)\n\nCisco IPS 5.0(6p1) and earlier:\nUpdate to Cisco IPS 5.0(6p2)\n\nCisco IPS 5.1(1) and earlier:\nUpdate to Cisco IPS 5.1(2)\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml\n\nOTHER REFERENCES:\nUS-CERT VU#658884:\nhttp://www.kb.cert.org/vuls/id/658884\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4910"
},
{
"db": "CERT/CC",
"id": "VU#658884"
},
{
"db": "CERT/CC",
"id": "VU#642076"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001291"
},
{
"db": "BID",
"id": "20127"
},
{
"db": "BID",
"id": "20124"
},
{
"db": "VULHUB",
"id": "VHN-21018"
},
{
"db": "VULMON",
"id": "CVE-2006-4910"
},
{
"db": "PACKETSTORM",
"id": "50207"
},
{
"db": "PACKETSTORM",
"id": "50204"
}
],
"trust": 3.96
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#642076",
"trust": 3.4
},
{
"db": "BID",
"id": "20124",
"trust": 2.9
},
{
"db": "SECUNIA",
"id": "22046",
"trust": 2.8
},
{
"db": "NVD",
"id": "CVE-2006-4910",
"trust": 2.6
},
{
"db": "OSVDB",
"id": "29037",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1016891",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2006-3721",
"trust": 1.7
},
{
"db": "XF",
"id": "29056",
"trust": 1.4
},
{
"db": "CERT/CC",
"id": "VU#658884",
"trust": 1.3
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001291",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200609-363",
"trust": 0.7
},
{
"db": "CISCO",
"id": "20060920 CISCO SECURITY ADVISORY: CISCO INTRUSION PREVENTION SYSTEM MANAGEMENT INTERFACE DENIAL OF SERVICE AND FRAGMENTED PACKET EVASION VULNERABILITIES",
"trust": 0.6
},
{
"db": "BID",
"id": "20127",
"trust": 0.3
},
{
"db": "SECUNIA",
"id": "22022",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-21018",
"trust": 0.1
},
{
"db": "VUPEN",
"id": "2006/3721",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2006-4910",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50207",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "50204",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#658884"
},
{
"db": "CERT/CC",
"id": "VU#642076"
},
{
"db": "VULHUB",
"id": "VHN-21018"
},
{
"db": "VULMON",
"id": "CVE-2006-4910"
},
{
"db": "BID",
"id": "20127"
},
{
"db": "BID",
"id": "20124"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001291"
},
{
"db": "PACKETSTORM",
"id": "50207"
},
{
"db": "PACKETSTORM",
"id": "50204"
},
{
"db": "NVD",
"id": "CVE-2006-4910"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-363"
}
]
},
"id": "VAR-200609-0398",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-21018"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:40:46.076000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20060920-ips",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20060920-ips"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2006-001291"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2006-4910"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 4.2,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060920-ips.shtml"
},
{
"trust": 2.7,
"url": "http://www.kb.cert.org/vuls/id/642076"
},
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/20124"
},
{
"trust": 2.6,
"url": "http://secunia.com/advisories/22046"
},
{
"trust": 1.8,
"url": "http://www.osvdb.org/29037"
},
{
"trust": 1.8,
"url": "http://securitytracker.com/id?1016891"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/29056"
},
{
"trust": 1.2,
"url": "http://www.vupen.com/english/advisories/2006/3721"
},
{
"trust": 1.2,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29056"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/22046/"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/en/us/products/hw/vpndevc/ps4077/products_qanda_item0900aecd801e6a99.shtml"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/en/us/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a008055df9a.html#wp1031536"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-4910"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-4910"
},
{
"trust": 0.6,
"url": "/archive/1/446491"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2006/3721"
},
{
"trust": 0.5,
"url": "http://www.kb.cert.org/vuls/id/658884"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/secursw/ps2113/"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/en/us/products/sw/secursw/ps2113/index.html"
},
{
"trust": 0.2,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.2,
"url": "http://secunia.com/quality_assurance_analyst/"
},
{
"trust": 0.2,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.2,
"url": "http://secunia.com/product/5600/"
},
{
"trust": 0.2,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.2,
"url": "http://secunia.com/web_application_security_specialist/"
},
{
"trust": 0.2,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=11732"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/22022/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/12069/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#658884"
},
{
"db": "CERT/CC",
"id": "VU#642076"
},
{
"db": "VULHUB",
"id": "VHN-21018"
},
{
"db": "VULMON",
"id": "CVE-2006-4910"
},
{
"db": "BID",
"id": "20127"
},
{
"db": "BID",
"id": "20124"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001291"
},
{
"db": "PACKETSTORM",
"id": "50207"
},
{
"db": "PACKETSTORM",
"id": "50204"
},
{
"db": "NVD",
"id": "CVE-2006-4910"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-363"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#658884"
},
{
"db": "CERT/CC",
"id": "VU#642076"
},
{
"db": "VULHUB",
"id": "VHN-21018"
},
{
"db": "VULMON",
"id": "CVE-2006-4910"
},
{
"db": "BID",
"id": "20127"
},
{
"db": "BID",
"id": "20124"
},
{
"db": "JVNDB",
"id": "JVNDB-2006-001291"
},
{
"db": "PACKETSTORM",
"id": "50207"
},
{
"db": "PACKETSTORM",
"id": "50204"
},
{
"db": "NVD",
"id": "CVE-2006-4910"
},
{
"db": "CNNVD",
"id": "CNNVD-200609-363"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-20T00:00:00",
"db": "CERT/CC",
"id": "VU#658884"
},
{
"date": "2006-09-22T00:00:00",
"db": "CERT/CC",
"id": "VU#642076"
},
{
"date": "2006-09-21T00:00:00",
"db": "VULHUB",
"id": "VHN-21018"
},
{
"date": "2006-09-21T00:00:00",
"db": "VULMON",
"id": "CVE-2006-4910"
},
{
"date": "2006-09-20T00:00:00",
"db": "BID",
"id": "20127"
},
{
"date": "2006-09-20T00:00:00",
"db": "BID",
"id": "20124"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001291"
},
{
"date": "2006-09-21T23:56:25",
"db": "PACKETSTORM",
"id": "50207"
},
{
"date": "2006-09-21T23:56:25",
"db": "PACKETSTORM",
"id": "50204"
},
{
"date": "2006-09-21T00:07:00",
"db": "NVD",
"id": "CVE-2006-4910"
},
{
"date": "2006-09-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-363"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-09-20T00:00:00",
"db": "CERT/CC",
"id": "VU#658884"
},
{
"date": "2006-09-26T00:00:00",
"db": "CERT/CC",
"id": "VU#642076"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-21018"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULMON",
"id": "CVE-2006-4910"
},
{
"date": "2006-09-21T18:46:00",
"db": "BID",
"id": "20127"
},
{
"date": "2006-09-21T18:26:00",
"db": "BID",
"id": "20124"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2006-001291"
},
{
"date": "2018-10-30T16:25:30.887000",
"db": "NVD",
"id": "CVE-2006-4910"
},
{
"date": "2006-09-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200609-363"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "20127"
},
{
"db": "BID",
"id": "20124"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco IPS fails to properly check fragmented IP packets",
"sources": [
{
"db": "CERT/CC",
"id": "VU#658884"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200609-363"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.