Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2006-0515 | First vendor Publication | 2006-05-09 |
Vendor | Cve | Last vendor Modification | 2023-08-11 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0515 |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
25453 | Cisco PIX/ASA/FWSM WebSense URL Filter Bypass Cisco PIX, ASA and FWSM products contain a flaw that may allow a malicious user to bypass Internet content filtering. The issue is triggered when a fragmented HTTP request is sent by the attacker, and the request is not forwarded to a Websense server for evaluation. It is possible that the flaw may allow circumvention of an access control resulting in a loss of integrity. |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2023-08-12 05:29:02 |
|
2020-05-23 00:17:22 |
|
2018-10-31 00:19:45 |
|
2018-10-19 21:19:45 |
|
2017-07-20 09:23:20 |
|
2016-06-28 15:36:20 |
|
2016-04-26 14:16:16 |
|
2013-05-11 10:48:35 |
|