>> Cisco VPN 3000 Concentrator Denial of Service Vulnerability
Title : Cisco VPN 3000 Concentrator Denial of Service Vulnerability VUPEN ID : VUPEN/ADV-2005-0303 CVE ID : GENERIC-MAP-NOMATCH CWE ID : CWE-
Rated as : Moderate Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2005-03-30
Technical Description
A new vulnerability was identified in Cisco VPN 3000 Concentrator, which may be exploited by remote attackers to conduct denial of service attacks. This flaw occurs when handling specially crafted SSL/HTTPS packets, which may cause a reload of the affected device or a denial of service.
Note : HTTPS is not enabled by default on Cisco VPN 3000 devices.