QwikSec

Security Database

CVE

CWE

Training

CVE-2006-0515

Published: May 9, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20060508 VSR Advisory: WebSense content filter bypass when deployed in conjunction with Cisco filtering devices

mailing-list

x_refsource_FULLDISC

vdb-entry

x_refsource_OSVDB

http://www.vsecurity.com/bulletins/advisories/2006/cisco-websense-bypass.txt

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

20060508 PIX/ASA/FWSM Websense/N2H2 Content Filter Bypass

vendor-advisory

x_refsource_CISCO

vdb-entry

x_refsource_SECTRACK

vdb-entry

x_refsource_SECTRACK

20060508 VSR Advisory: WebSense content filter bypass when deployed in conjunction with Cisco filtering devices

mailing-list

x_refsource_BUGTRAQ

cisco-websense-content-filtering-bypass(26308)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.