CISCO : CSCdea77143, CSCdz15393, CSCdt84906

Price/Feature Summary | Order | New Vulnerabilities | Confidentiality | Vulnerability Search

Vulnerability Search		Search 61204 CVE descriptions and 32582 test descriptions, access 10,000+ cross references.
	Tests CVE All

Test ID: 1.3.6.1.4.1.25623.1.0.11594

Category: CISCO

Title: CSCdea77143, CSCdz15393, CSCdt84906

Summary: Uses SNMP to determine if a flaw is present

Description:

The remote Cisco VPN 3000 concentrator is vulnerable to various flaws
which may allow an attacker to use this device
to break into a VPN, disable the remote device by sending
a malformed SSH initialization packet or disable the
remote device by sending a flood of malformed ICMP packets.

This vulnerability is documented with the CISCO
bugs ID CSCdea77143, CSCdz15393 and CSCdt84906

Solution : http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml
Risk factor : High

*** As Nessus solely relied on the banner of the remote host
*** this might be a false positive

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2003-0258
Cisco Security Advisory: 20030507 Cisco VPN 3000 Concentrator Vulnerabilities
http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml
CERT/CC vulnerability note: VU#727780
http://www.kb.cert.org/vuls/id/727780
XForce ISS Database: cisco-vpn-unauth-access(11954)
http://xforce.iss.net/xforce/xfdb/11954
Common Vulnerability Exposure (CVE) ID: CVE-2003-0259
CERT/CC vulnerability note: VU#317348
http://www.kb.cert.org/vuls/id/317348
XForce ISS Database: cisco-vpn-ssh-dos(11955)
http://xforce.iss.net/xforce/xfdb/11955
Common Vulnerability Exposure (CVE) ID: CVE-2003-0260
CERT/CC vulnerability note: VU#221164
http://www.kb.cert.org/vuls/id/221164
XForce ISS Database: cisco-vpn-icmp-dos(11956)
http://xforce.iss.net/xforce/xfdb/11956

Copyright This script is (C) 2003 Renaud Deraison

This is only one of 32582 vulnerability tests in our test suite. Find out more about running a complete security audit.
To run a free test of this vulnerability against your system, register below.

New User Registration
Email:

UserID:

Passwd:

Please email me your monthly newsletters, informing the latest services, improvements & surveys.

Please email me a vulnerability test announcement whenever a new test is added.

Privacy

Registered User Login

UserID:

Passwd:

Forgot userid or passwd?

Email/Userid:

Test ID:	1.3.6.1.4.1.25623.1.0.11594
Category:	CISCO
Title:	CSCdea77143, CSCdz15393, CSCdt84906
Summary:	Uses SNMP to determine if a flaw is present
Description:	The remote Cisco VPN 3000 concentrator is vulnerable to various flaws which may allow an attacker to use this device to break into a VPN, disable the remote device by sending a malformed SSH initialization packet or disable the remote device by sending a flood of malformed ICMP packets. This vulnerability is documented with the CISCO bugs ID CSCdea77143, CSCdz15393 and CSCdt84906 Solution : http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml Risk factor : High * As Nessus solely relied on the banner of the remote host * this might be a false positive
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0258 Cisco Security Advisory: 20030507 Cisco VPN 3000 Concentrator Vulnerabilities http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml CERT/CC vulnerability note: VU#727780 http://www.kb.cert.org/vuls/id/727780 XForce ISS Database: cisco-vpn-unauth-access(11954) http://xforce.iss.net/xforce/xfdb/11954 Common Vulnerability Exposure (CVE) ID: CVE-2003-0259 CERT/CC vulnerability note: VU#317348 http://www.kb.cert.org/vuls/id/317348 XForce ISS Database: cisco-vpn-ssh-dos(11955) http://xforce.iss.net/xforce/xfdb/11955 Common Vulnerability Exposure (CVE) ID: CVE-2003-0260 CERT/CC vulnerability note: VU#221164 http://www.kb.cert.org/vuls/id/221164 XForce ISS Database: cisco-vpn-icmp-dos(11956) http://xforce.iss.net/xforce/xfdb/11956
Copyright	This script is (C) 2003 Renaud Deraison