SecurityTracker.com
Category:   Device (Firewall)  >   Cisco Firewall Services Module
Vendors:   Cisco
Cisco Firewall Service Module (FWSM) Lets Remote Users Bypass Websense Content Filtering With Fragmented Requests
SecurityTracker Alert ID:  1016039
SecurityTracker URL:  http://securitytracker.com/id/1016039
CVE Reference:   CVE-2006-0515
Date:  May 8 2006
Impact:   Host/resource access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Exploit Included:  Yes
Version(s): prior to 2.3(4); 3.x prior to 3.1(1.7)
Description:   A vulnerability was reported in Cisco Firewall Services Module when used with the Websense content filter. A remote user can access restricted web sites.

A remote user can send an HTTP GET request fragmented across multiple packets, causing the target firewall device to incorrectly allow access to the requested web site.

The Cisco PIX firewall is also affected.

Cisco has assigned Cisco Bug IDs CSCsc67612, CSCsc68472, and CSCsd81734 to this vulnerability.

George Gal of Virtual Security Research reported this vulnerability.

The vendor was notified on November 4, 2005.

A demonstration exploit is available at:

http://www.vsecurity.com/tools/WebsenseBypassProxy.java

The original advisory is available at:

http://www.vsecurity.com/bulletins/advisories/2006/cisco-websense-bypass.txt

Impact:   A remote user can access restricted web sites.
Solution:   The vendor has issued fixed versions of PIX: 6.3.5(112) and later, 7.0(5), and 7.1(2).

The vendor has issued fixed versions of FWSM: 2.3(4) and 3.1(1.7) and later.

The Cisco advisory is available at:

http://www.cisco.com/warp/public/707/cisco-sr-20060508-pix.shtml

Vendor URL:  www.cisco.com/warp/public/707/cisco-sr-20060508-pix.shtml
Cause:   Access control error

Message History:   None.

