CVE-2006-5416: XSS
First published: Fri Oct 20 2006(Updated: )
Cross-site scripting (XSS) vulnerability in my.acctab.php3 in F5 Networks FirePass 1000 SSL VPN 5.5, and possibly earlier, allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| F5 FirePass SSL VPN | =5.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.procheckup.com/Vulner_PR0603b.php
- http://www.securityfocus.com/bid/20583
- http://securitytracker.com/id?1017076
- http://secunia.com/advisories/22444/
- http://securityreason.com/securityalert/1752
- http://www.vupen.com/english/advisories/2006/4083
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29631
- http://www.securityfocus.com/archive/1/448935/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2006-5416?
CVE-2006-5416 is classified as a medium severity vulnerability.
How do I fix CVE-2006-5416?
To fix CVE-2006-5416, it is recommended to update to the latest version of F5 Networks FirePass SSL VPN.
What systems are affected by CVE-2006-5416?
CVE-2006-5416 affects F5 Networks FirePass 1000 SSL VPN version 5.5 and possibly earlier versions.
What type of vulnerability is CVE-2006-5416?
CVE-2006-5416 is a cross-site scripting (XSS) vulnerability.
Can CVE-2006-5416 allow remote attacks?
Yes, CVE-2006-5416 allows remote attackers to inject arbitrary web script or HTML.
- agent/references
- agent/type
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/f5
- canonical/f5 firepass ssl vpn
- version/f5 firepass ssl vpn/5.5