Denial of Service Vulnerability in Cisco VPN Concentrators and Client
CVE-2003-0259

Currently unrated

Key Information:

Vendor: Cisco
Status: Vpn 3015 Concentrator; Vpn 3030 Concentator; Vpn 3060 Concentrator; Vpn 3080 Concentrator
Vendor: CVE Published:; 27 May 2003

Summary

The vulnerability allows remote attackers to exploit a flaw in the SSH initialization process on Cisco VPN 3000 series concentrators and the Cisco VPN 3002 Hardware Client. By sending a specially crafted SSH initialization packet, an attacker can trigger a reload of the affected devices, resulting in service disruption and unavailability. This highlights the importance of secure configurations and timely updates to mitigate the risks posed by malformed traffic.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/11955

vdb-entryx_refsource_XF

http://www.cisco.com/warp/public/707/cisco-sa-20030507-vp...

vendor-advisoryx_refsource_CISCO

http://www.kb.cert.org/vuls/id/317348

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
May 27, 2003
Vulnerability Reserved
May 7, 2003