Cisco VPN 3000 Series Multiple Vulnerabilities (CSCdea77143, CSCdz15393, CSCdt84906)

This script is (C) 2003-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The remote Cisco VPN 3000 concentrator is affected by several
vulnerabilities that could allow an attacker to use this device
to break into a VPN, disable the remote device by sending
a malformed SSH initialization packet or disable the
remote device by sending a flood of malformed ICMP packets.

These vulnerabilities are documented with the CISCO
bug IDs CSCdea77143, CSCdz15393 and CSCdt84906.

Solution :

http://www.nessus.org/u?a98c23a3

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)

Family: CISCO

Nessus Plugin ID: 11594 (CSCea77143.nasl)

Bugtraq ID:

CVE ID: CVE-2003-0258
CVE-2003-0259
CVE-2003-0260