| VID |
29045 |
| Severity |
30 |
| Port |
161 |
| Protocol |
UDP |
| Class |
CISCO |
| Detailed Description |
The Cisco VPN 3000 series concentrator has the HTML parser processing vulnerability(CISCO Bug ID CSCdu15622). This vulnerability can be exploited to initiate a DOS attack. Very long URL requests to the HTML interface cause the VPN 3000 series concentrator to stop responding. The CPU on the Cisco VPN concentrator jumps to 100%. The IP stack of the VPN concentrator stops responding. The VPN concentrator recovers approximately five minutes after the DoS attack is stopped.
* Note: This check solely relies on the version number of the remote system to assess this vulnerability, so this may be a false positive. Also, it requires a read access SNMP community string to collect the version number. To provide this access, add the valid community string to the check item, "snmp/guessable/r" from the Policy Editor.
* References:
http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
http://www.ciac.org/ciac/bulletins/m-119.shtml
* Platforms Affected:
Cisco VPN 3000 series concentrator 2.x.x and the earlier than 3.0.3(B) |
| Recommendation |
Upgrade to the Cisco VPN 3000 series concentrator version 3.6(Rel) or later, 3.5(Rel) or later, 3.1(Rel) or later, and 3.0.3(B) or later. Upgrades should be obtained through the Software Center on Cisco's worldwide website at http://www.cisco.com/kobayashi/sw-center/vpn/3000/ .
As a workaround, restrict access to the HTML interface such that connections are permitted only from trusted sources.
For details, see http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml . |
| Related URL |
CVE-2003-0258,CVE-2003-0259,CVE-2003-0260 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
11954,11955,11956 (ISS) |
|
