Cisco VPN 3000 Series Multiple Vulnerabilities (CSCdea77143, CSCdz15393, CSCdt84906)

This script is (C) 2003-2014 Tenable Network Security, Inc.

Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The remote Cisco VPN 3000 concentrator is affected by several
vulnerabilities that could allow an attacker to use this device
to break into a VPN, disable the remote device by sending
a malformed SSH initialization packet or disable the
remote device by sending a flood of malformed ICMP packets.

These vulnerabilities are documented with the CISCO
bug IDs CSCdea77143, CSCdz15393 and CSCdt84906.

Solution :

Risk factor :

High / CVSS Base Score : 7.5

Family: CISCO

Nessus Plugin ID: 11594 (CSCea77143.nasl)

Bugtraq ID:

CVE ID: CVE-2003-0258