Description
Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7.2.A allow remote attackers to cause a denial of service (device reload or user disconnect) via a crafted HTTP packet.
Affected products
- Cisco / vpn_3000_concentrator_series_software4.7 – 4.7
- Cisco / vpn_3000_concentrator_series_software4.7(rel) – 4.7(rel)
- Cisco / vpn_3000_concentrator_series_software4.7.1 – 4.7.1
- Cisco / vpn_3000_concentrator_series_software4.7.1.f – 4.7.1.f
- Cisco / vpn_3000_concentrator_series_software4.7.2 – 4.7.2
- Cisco / vpn_3000_concentrator_series_software4.7.2.a – 4.7.2.a
- Cisco / vpn_3030_concentator4.7(rel) – 4.7(rel)
- Cisco / vpn_3030_concentator4.7.1 – 4.7.1
- Cisco / vpn_3030_concentator4.7.1.f – 4.7.1.f
- Cisco / vpn_3030_concentator4.7.2 – 4.7.2
- Cisco / vpn_3030_concentator4.7.2.a – 4.7.2.a
References
- VENDOR_ADVISORYhttp://secunia.com/advisories/18629
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/24330
- MISChttp://www.securityfocus.com/bid/16394
- VENDOR_ADVISORYhttp://www.cisco.com/warp/public/707/cisco-sa-20060126-vpn.shtml
- MISChttp://securitytracker.com/id?1015546
- MISChttp://www.osvdb.org/22754
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/0346
- MISChttp://securityreason.com/securityalert/375