HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Vpn_3000_concentrator_series_software | Cisco | 2.0 (including) | 2.0 (including) |
| Vpn_3000_concentrator_series_software | Cisco | 2.5.2.a (including) | 2.5.2.a (including) |
| Vpn_3000_concentrator_series_software | Cisco | 2.5.2.b (including) | 2.5.2.b (including) |
| Vpn_3000_concentrator_series_software | Cisco | 2.5.2.c (including) | 2.5.2.c (including) |
| Vpn_3000_concentrator_series_software | Cisco | 2.5.2.d (including) | 2.5.2.d (including) |
| Vpn_3000_concentrator_series_software | Cisco | 2.5.2.f (including) | 2.5.2.f (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.0 (including) | 3.0 (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.0(rel) (including) | 3.0(rel) (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.0.3.a (including) | 3.0.3.a (including) |
References
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
- http://www.iss.net/security_center/static/10018.php
- http://www.securityfocus.com/bid/5615
- http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
- http://www.iss.net/security_center/static/10018.php
- http://www.securityfocus.com/bid/5615