Multiple Vulnerabilities in Cisco VPN3000 Series VPN Concentrators

Multiple vulnerabilities exist in the Cisco VPN 3000 Series Concentrator, the most serious of which can let an attacker access the internal hosts on the IPSec over TCP configured ports.

Ken Pfeil

May 8, 2003

1 Min Read
ITPro Today logo in a gray background | ITPro Today

Reported May 7, 2003, by Cisco Systems

 

 

VERSIONS AFFECTED

 

  • Cisco VPN 3000 Series Concentrator

 

DESCRIPTION

 

Multiple vulnerabilities exist in the Cisco VPN 3000 Series Concentrator, the most serious of which can let an attacker access the internal hosts on the IPSec over TCP configured ports. The other two vulnerabilities can result in a Denial of Service (DoS) condition on the VPN Concentrator.

 

VENDOR RESPONSE

 

Cisco has released an advisory and a fix for affected customers, which can be obtained from the company’sWeb site. The company recommends that customers upgrade to fixed software versions, as detailed in thisdocumentation.

 

 

CREDIT

 

Discovered by Cisco.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like