CVE-2006-4312

Name of the Vulnerable Software and Affected Versions Cisco PIX 500 Series Security Appliances versions 7.0(x) through 7.0(5) Cisco ASA 5500 Series Adaptive Security Appliances versions 7.0(x) through 7.0(5) Cisco ASA 5500 Series Adaptive Security Appliances versions 7.1(x) through 7.1(2.4) Cisco Firewall Services Module (FWSM) versions 3.1(x) through 3.1(1.6)

Description The issue causes the EXEC password, local user passwords, and the enable password to be changed to a non-random value under certain circumstances. This can lead to administrators being locked out and potentially allow attackers to gain access.

Recommendations For Cisco PIX 500 Series Security Appliances versions 7.0(x) through 7.0(5), update to a version outside of the affected range. For Cisco ASA 5500 Series Adaptive Security Appliances versions 7.0(x) through 7.0(5), update to a version outside of the affected range. For Cisco ASA 5500 Series Adaptive Security Appliances versions 7.1(x) through 7.1(2.4), update to a version outside of the affected range. For Cisco Firewall Services Module (FWSM) versions 3.1(x) through 3.1(1.6), update to a version outside of the affected range.