Denial of Service Vulnerability in Cisco VPN 3000 Series Concentrators
CVE-2001-0428

Currently unrated

Key Information:

Vendor: Cisco
Status: Vpn 3000 Concentrator Series Software
Vendor: CVE Published:; 2 July 2001

Summary

Cisco VPN 3000 Series Concentrators prior to version 2.5.2(F) are susceptible to a denial of service attack caused by malformed IP packets containing invalid IP options. Attackers can exploit this vulnerability to crash or disrupt the normal operation of the device, rendering it unable to perform its intended functions. It is essential for users of these devices to implement the recommended updates to mitigate the risk of such attacks and to ensure continuity of service.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/6360

vdb-entryx_refsource_XF

http://www.osvdb.org/1786

vdb-entryx_refsource_OSVDB

http://www.cisco.com/warp/public/707/vpn3k-ipoptions-vuln...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Jul 2, 2001
Vulnerability Reserved
May 24, 2001