← voltar
CVE-2005-2025

CVE-2005-2025

EPSS 2.3%
Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://www.nta-monitor.com/news/vpn-flaws/cisco/VPN-Concentrator/index.htmhttp://www.securityfocus.com/bid/13992http://www.vupen.com/english/advisories/2005/0822