CVE-2005-2025

Currently unrated

Key Information:

Vendor: Cisco
Status: Vpn 3015 Concentrator; Vpn 3060 Concentrator; Vpn 3020 Concentrator; Vpn 3000 Concentrator
Vendor: CVE Published:; 20 June 2005

Summary

Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname.

References

http://www.nta-monitor.com/news/vpn-flaws/cisco/VPN-Conce...

x_refsource_MISC

http://www.securityfocus.com/bid/13992

vdb-entryx_refsource_BID

http://www.vupen.com/english/advisories/2005/0822

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability Reserved
Jun 21, 2005
Vulnerability published
Jun 20, 2005