CVE-2006-3073


Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances (ASA), when in WebVPN clientless mode, allow remote attackers to inject arbitrary web script or HTML via the domain parameter in (1) dnserror.html and (2) connecterror.html, aka bugid CSCsd81095 (VPN3k) and CSCse48193 (ASA). NOTE: the vendor states that "WebVPN full-network-access mode" is not affected, despite the claims by the original researcher.


Published: 2006-06-19T10:02:00.000

Last Modified: 2025-04-03T01:03:51.193

Status: Deferred

Source: [email protected]

Severity: CVSSv2: 2.6 (LOW)

CVSSv2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

  • Access Vector: NETWORK
  • Access Complexity: HIGH
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: PARTIAL
  • Availability Impact: NONE

Exploitability Score: 4.9

Impact Score: 2.9

Weaknesses
  • Type: Primary
    NVD-CWE-Other

Affected Vendors & Products

| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Hardware | cisco | asa_5500 | 7.0 | Yes |
| Hardware | cisco | asa_5500 | 7.0(4) | Yes |
| Hardware | cisco | asa_5500 | 7.0.4.3 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 2.0 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 2.5.2.a | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 2.5.2.b | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 2.5.2.c | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 2.5.2.d | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 2.5.2.f | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.0 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.0.3.a | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.0.3.b | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.0.4 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.1 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.1(rel) | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.1.1 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.1.2 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.1.4 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.5(rel) | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.5.1 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.5.2 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.5.3 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.5.4 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.5.5 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.6 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.6.1 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.6.7 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 3.6.7d | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 4.0 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 4.0.1 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 4.0.5.b | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 4.1 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 4.1.5.b | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 4.1.7.a | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 4.1.7.b | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 4.7 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 4.7.1 | Yes |
| Operating System | cisco | vpn_3000_concentrator_series_software | 4.7.1.f | Yes |