Remote Denial of Service Vulnerability in Cisco VPN 3000 Series Concentrator
CVE-2005-0943

Currently unrated

Key Information:

Vendor: Cisco
Status: Vpn 3015 Concentrator; Vpn 3020 Concentrator; Vpn 3030 Concentator; Vpn 3060 Concentrator
Vendor: CVE Published:; 30 March 2005

Summary

A vulnerability exists in the Cisco VPN 3000 Series Concentrator, specifically in firmware versions 4.1.7.A and earlier, that allows remote attackers to effectively disrupt service. By sending a crafted HTTPS packet, an attacker can trigger a denial of service, resulting in either a device reload or the dropping of user connections. This flaw poses significant risks to network stability and user accessibility, making it critical for organizations relying on this equipment to take immediate action to secure their environments.

References

http://www.cisco.com/warp/public/707/cisco-sa-20050330-vp...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/12948

vdb-entryx_refsource_BID

http://secunia.com/advisories/14784

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability Reserved
Apr 3, 2005
Vulnerability published
Mar 30, 2005