Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Vpn_3000_concentrator_series_software | Cisco | 2.0 (including) | 2.0 (including) |
| Vpn_3000_concentrator_series_software | Cisco | 2.5.2.a (including) | 2.5.2.a (including) |
| Vpn_3000_concentrator_series_software | Cisco | 2.5.2.b (including) | 2.5.2.b (including) |
| Vpn_3000_concentrator_series_software | Cisco | 2.5.2.c (including) | 2.5.2.c (including) |
| Vpn_3000_concentrator_series_software | Cisco | 2.5.2.d (including) | 2.5.2.d (including) |
| Vpn_3000_concentrator_series_software | Cisco | 2.5.2.f (including) | 2.5.2.f (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.0 (including) | 3.0 (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.0(rel) (including) | 3.0(rel) (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.0.3.a (including) | 3.0.3.a (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.0.3.b (including) | 3.0.3.b (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.0.4 (including) | 3.0.4 (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.1 (including) | 3.1 (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.1(rel) (including) | 3.1(rel) (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.1.1 (including) | 3.1.1 (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.1.2 (including) | 3.1.2 (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.1.4 (including) | 3.1.4 (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.5(rel) (including) | 3.5(rel) (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.5.1 (including) | 3.5.1 (including) |
| Vpn_3000_concentrator_series_software | Cisco | 3.5.2 (including) | 3.5.2 (including) |