Cisco VPN 3000 Concentrator Multiple Service Banner System Information Disclosure (CSCdu35577 HTTP Check)

This script is Copyright (C) 2004-2014 Michael J. Richardson


Synopsis :

The remote VPN concentrator reveals application layer banners.

Description :

The remote VPN concentrator gives out too much information in
application layer banners. An incorrect page request provides
the specific version of software installed. This vulnerability
is documented as Cisco bug ID CSCdu35577.

See also :

http://www.nessus.org/u?d2dd6759

Solution :

Apply vendor-supplied patch.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 14718 (CSCdu35577_web.nasl)

Bugtraq ID: 5624

CVE ID: CVE-2002-1094