Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2006-4950 |
Description: | Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables. |
Test IDs: | None available |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2006-4950 BugTraq ID: 20125 http://www.securityfocus.com/bid/20125 CERT/CC vulnerability note: VU#123140 http://www.kb.cert.org/vuls/id/123140 Cisco Security Advisory: 20060920 DOCSIS Read-Write Community String Enabled in Non-DOCSIS Platforms http://www.cisco.com/warp/public/707/cisco-sa-20060920-docsis.shtml http://www.osvdb.org/29034 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5665 http://securitytracker.com/id?1016899 http://secunia.com/advisories/21974 http://www.vupen.com/english/advisories/2006/3722 XForce ISS Database: ios-docsis-default-snmp(29054) https://exchange.xforce.ibmcloud.com/vulnerabilities/29054 |