ID |
CVE-2006-4910
|
Summary |
The web administration interface (mainApp) to Cisco IDS before 4.1(5c), and IPS 5.0 before 5.0(6p1) and 5.1 before 5.1(2) allows remote attackers to cause a denial of service (unresponsive device) via a crafted SSLv2 Client Hello packet. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:cisco:ids_sensor_software:4.1\(5b\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:ids_sensor_software:4.1\(5b\):*:*:*:*:*:*:*
-
cpe:2.3:a:cisco:ips_sensor_software:5.0\(6\)p1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:ips_sensor_software:5.0\(6\)p1:*:*:*:*:*:*:*
-
cpe:2.3:a:cisco:ips_sensor_software:5.1\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:ips_sensor_software:5.1\(1\):*:*:*:*:*:*:*
|
CVSS |
Base: | 5.0 (as of 30-10-2018 - 16:25) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
NONE |
NONE |
PARTIAL |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
refmap
via4
|
bid | 20124 | cert-vn | VU#642076 | cisco | 20060920 Cisco Security Advisory: Cisco Intrusion Prevention System Management Interface Denial of Service and Fragmented Packet Evasion Vulnerabilities | osvdb | 29037 | sectrack | 1016891 | secunia | 22046 | vupen | ADV-2006-3721 | xf | cisco-ips-ssl-dos(29056) |
|
Last major update |
30-10-2018 - 16:25 |
Published |
21-09-2006 - 00:07 |
Last modified |
30-10-2018 - 16:25 |