Vulnerability Details : CVE-2006-4194
** DISPUTED ** Unspecified vulnerability in Cisco PIX 500 Series Security Appliances allows remote attackers to send arbitrary UDP packets to intranet devices via unspecified vectors involving Session Initiation Protocol (SIP) fixup commands, a different issue than CVE-2006-4032. NOTE: the vendor, after working with the researcher, has been unable to reproduce the issue.
Exploit prediction scoring system (EPSS) score for CVE-2006-4194
Probability of exploitation activity in the next 30 days: 2.05%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 88 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2006-4194
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
[email protected] |
References for CVE-2006-4194
-
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1207450,00.html
-
http://www.securityfocus.com/bid/19536
-
http://www.networkworld.com/news/2006/080406-black-hat-unpatched-flaw-revealed.html?t5
-
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/tsd_products_security_response09186a008070d33b.html
-
http://www.idoel.smilejogja.com/2006/08/14/blinded-by-the-glare-of-facial-piercings-at-black-hat-or-the-one-that-got-away/
Products affected by CVE-2006-4194
- cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_firewall_501:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_firewall_515e:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*