archives  If you want an RSS feed try this xml rss V0.91 feed

Friday, May 09, 2003

Cisco VPN Vulnerable

cisco logoThree major issues are affecting the Cisco VPN 3000 series VPN concentrator, these are detailed in the advisories listed below, and affect models 3005, 3015, 3030, 3060, 3080 and the Cisco VPN 3002 Hardware Client. The flaws affect IPSec over TCP which could enable a user on the internet to gain access to the internal network with NO authentication. The SSH initialisation vulnerability could cause the concentrator to reload the operating system, thus is a highly effective DoS attack. A similar problem can occur if a flood of malformed ICMP packets are sent to the system. Cisco detail software revisions / upgrades and a variety of configuration measures to avoid the problems. Cisco Advisory CSCea77143 - enabling IPSec over TCP vulnerability CSCdz15393 - malformed SSH initialization packet vulnerability CSCdt84906 - malformed ICMP traffic vulnerability

posted by Robert Campbell 3:33 PM


Powered by Blogger Pro™