Remote Code Execution Vulnerability in Cisco VPN 3000 Concentrator
CVE-2005-2025

Currently unrated

Summary

A vulnerability exists in the Cisco VPN 3000 Concentrator prior to version 4.1.7.F, which allows remote attackers to identify valid group names. By sending an IKE Aggressive Mode packet containing a group name in the ID field, an attacker can determine whether the group name is valid based on the response received. Valid group names prompt a response from the system, while invalid ones do not, thus exposing sensitive configuration information that could be exploited for further attacks.
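The response difference described above can be watched for on the defender's side. The following is an added example, not code from this advisory or from Cisco: it flags sources that try many distinct group names in a short burst and mostly get no reply, and reports which names the device answered. The event tuple layout, the thresholds and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample events (not real device logs). One tuple per inbound IKE
# Aggressive Mode initiation: (epoch_seconds, source_ip, id_payload_group,
# concentrator_replied). The tuple layout is an assumption of this example.
SAMPLE_EVENTS = [
    (1000, "198.51.100.7", "admin", False),
    (1001, "198.51.100.7", "vpn", False),
    (1002, "198.51.100.7", "sales", False),
    (1003, "198.51.100.7", "staff", False),
    (1004, "198.51.100.7", "remote", False),
    (1005, "198.51.100.7", "corp", True),    # valid name: the device answered
    (1010, "203.0.113.20", "corp", True),    # ordinary client, one group
    (1400, "203.0.113.20", "corp", True),
    (1500, "203.0.113.21", "crop", False),   # a typo, then the right name
    (1520, "203.0.113.21", "corp", True),
]


def find_group_enumeration(events, window=60, min_ids=5, max_reply_ratio=0.5):
    """Flag sources that tried many distinct group names in a short window
    and were mostly met with silence.

    Returns {source_ip: (names_tried, names_answered)}; names_answered are the
    group names whose validity the response behaviour disclosed.
    """
    by_src = defaultdict(list)
    for ts, src, group, replied in sorted(events):
        by_src[src].append((ts, group, replied))

    findings = {}
    for src, recs in by_src.items():
        start = 0
        for end in range(len(recs)):
            # Slide the window start forward until it spans <= `window` seconds.
            while recs[end][0] - recs[start][0] > window:
                start += 1
            span = recs[start:end + 1]
            tried = {g for _, g, _ in span}
            answered = {g for _, g, r in span if r}
            if len(tried) < min_ids or len(answered) / len(tried) > max_reply_ratio:
                continue
            # Keep the widest burst seen for this source.
            if src not in findings or len(tried) > len(findings[src][0]):
                findings[src] = (sorted(tried), sorted(answered))
    return findings


if __name__ == "__main__":
    for src, (tried, answered) in find_group_enumeration(SAMPLE_EVENTS).items():
        print(f"{src}: tried {len(tried)} group names, disclosed valid: {answered}")
```

The `names_answered` list is the set of group names that should be treated as known to the prober when reviewing the incident.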

Timeline

  • Vulnerability Reserved

  • Vulnerability published
