Cisco

Vpn 3000 Concentrator Series Software

24 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2003-0258

  • EPSS 0.65%
  • Published 27.05.2003 04:00:00
  • Last modified 03.04.2025 01:03:51

Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication.

5

CVE-2002-1103

  • EPSS 0.42%
  • Published 04.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets.

5

CVE-2002-1102

  • EPSS 0.74%
  • Published 04.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the r...

5

CVE-2002-1101

  • EPSS 10.53%
  • Published 04.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name.

5

CVE-2002-1100

  • EPSS 0.74%
  • Published 04.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.

5

CVE-2002-1099

  • EPSS 0.51%
  • Published 04.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages.

7.5

CVE-2002-1098

  • EPSS 0.53%
  • Published 04.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTPS on Public Inbound (XML-Auto)(forward/in)" rule but sets the protocol to "ANY" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass thro...

7.5

CVE-2002-1097

  • EPSS 0.28%
  • Published 04.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages.

7.5

CVE-2002-1096

  • EPSS 0.53%
  • Published 04.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code.

5

CVE-2002-1095

  • EPSS 0.4%
  • Published 04.10.2002 04:00:00
  • Last modified 03.04.2025 01:03:51

Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.