Multiple Vulnerabilities in Cisco VPN 3000 Series Concentrators
CVE-2006-4313

Currently unrated

Key Information:

Vendor: Cisco
Status: Vpn 3000 Concentrator Series Software
Vendor: CVE Published:; 23 August 2006

Summary

Cisco VPN 3000 series concentrators are affected by several unspecified vulnerabilities that allow attackers to execute FTP commands such as CWD, MKD, CDUP, RNFR, SIZE, and RMD. These vulnerabilities enable unauthorized users to modify files or create and delete directories, presenting a significant risk to network integrity and data confidentiality. It is crucial for users of these concentrators to ensure they are using updated software versions or applying necessary security measures to mitigate potential attacks.

References

http://www.vupen.com/english/advisories/2006/3368

vdb-entryx_refsource_VUPEN

http://www.osvdb.org/28138

vdb-entryx_refsource_OSVDB

http://securitytracker.com/id?1016737

vdb-entryx_refsource_SECTRACK

EPSS Score

55% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 23, 2006
Vulnerability Reserved
Aug 23, 2006