CVE-2006-4430

Name of the Vulnerable Software and Affected Versions Cisco Network Admission Control (NAC) versions 3.6.4.1 and earlier

Description The issue allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and potentially bypass protection mechanisms. This can be achieved by modifying the User-Agent header or the behavior of the TCP/IP stack. The vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms.

Recommendations For Cisco Network Admission Control (NAC) versions 3.6.4.1 and earlier, consider restricting modifications to the User-Agent header and monitoring TCP/IP stack behavior to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.