CVE-2006-3073

Severity

26%

Complexity

49%

Confidentiality

48%

Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances (ASA), when in WebVPN clientless mode, allow remote attackers to inject arbitrary web script or HTML via the domain parameter in (1) dnserror.html and (2) connecterror.html, aka bugid CSCsd81095 (VPN3k) and CSCse48193 (ASA). NOTE: the vendor states that "WebVPN full-network-access mode" is not affected, despite the claims by the original researcher.

Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances (ASA), when in WebVPN clientless mode, allow remote attackers to inject arbitrary web script or HTML via the domain parameter in (1) dnserror.html and (2) connecterror.html, aka bugid CSCsd81095 (VPN3k) and CSCse48193 (ASA). NOTE: the vendor states that "WebVPN full-network-access mode" is not affected, despite the claims by the original researcher.

CVSS 2.0 Base Score 2.6. CVSS Attack Vector: network. CVSS Attack Complexity: high. CVSS Vector: (AV:N/AC:H/Au:N/C:N/I:P/A:N).

Overview

Type

Cisco

First reported 18 years ago

2006-06-19 10:02:00

Last updated 6 years ago

2018-10-30 16:26:00

Affected Software

Cisco ASA 5500 7.0

7.0

Cisco ASA 5500 7.0.4

7.0\(4\)

Cisco ASA 5500 7.0.4 .3

7.0.4.3

Cisco VPN 3000 Concentrator Series Software 2.0

2.0

Cisco VPN 3000 Concentrator Series Software 2.5.2.a

2.5.2.a

Cisco VPN 3000 Concentrator Series Software 2.5.2.b

2.5.2.b

Cisco VPN 3000 Concentrator Series Software 2.5.2.c

2.5.2.c

Cisco VPN 3000 Concentrator Series Software 2.5.2.d

2.5.2.d

Cisco VPN 3000 Concentrator Series Software 2.5.2.f

2.5.2.f

Cisco VPN 3000 Concentrator Series Software 3.0

3.0

Cisco VPN 3000 Concentrator Series Software 3.0.3.a

3.0.3.a

Cisco VPN 3000 Concentrator Series Software 3.0.3.b

3.0.3.b

Cisco VPN 3000 Concentrator Series Software 3.0.4

3.0.4

Cisco VPN 3000 Concentrator Series Software 3.1

3.1

Cisco VPN 3000 Concentrator Series Software 3.1 (Rel)

3.1\(rel\)

Cisco VPN 3000 Concentrator Series Software 3.1.1

3.1.1

Cisco VPN 3000 Concentrator Series Software 3.1.2

3.1.2

Cisco VPN 3000 Concentrator Series Software 3.1.4

3.1.4

Cisco VPN 3000 Concentrator Series Software 3.5 (Rel)

3.5\(rel\)

Cisco VPN 3000 Concentrator Series Software 3.5.1

3.5.1

Cisco VPN 3000 Concentrator Series Software 3.5.2

3.5.2

Cisco VPN 3000 Concentrator Series Software 3.5.3

3.5.3

Cisco VPN 3000 Concentrator Series Software 3.5.4

3.5.4

Cisco VPN 3000 Concentrator Series Software 3.5.5

3.5.5

Cisco VPN 3000 Concentrator Series Software 3.6

3.6

Cisco VPN 3000 Concentrator Series Software 3.6.1

3.6.1

Cisco VPN 3000 Concentrator Series Software 3.6.7

3.6.7

Cisco VPN 3000 Concentrator Series Software 3.6.7d

3.6.7d

Cisco VPN 3000 Concentrator Series Software 4.0

4.0

Cisco VPN 3000 Concentrator Series Software 4.0.1

4.0.1

Cisco VPN 3000 Concentrator Series Software 4.0.5.b

4.0.5.b

Cisco VPN 3000 Concentrator Series Software 4.1

4.1

Cisco VPN 3000 Concentrator Series Software 4.1.5.b

4.1.5.b

Cisco VPN 3000 Concentrator Series Software 4.1.7.a

4.1.7.a

Cisco VPN 3000 Concentrator Series Software 4.1.7.b

4.1.7.b

Cisco VPN 3000 Concentrator Series Software 4.7

4.7

Cisco VPN 3000 Concentrator Series Software 4.7.1

4.7.1

Cisco VPN 3000 Concentrator Series Software 4.7.1.f

4.7.1.f

References

20644

Vendor Advisory

1016252

Exploit

20060613 WebVPN Cross-Site Scripting Vulnerability

26453

26454

20060608 SSL VPNs and security

18419

ADV-2006-2331

cisco-webvpn-xss(27086)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.