Cisco VPN 3000 Concentrator Multiple Service Banner System Information Disclosure (CSCdu35577 HTTP Check)

This script is Copyright (C) 2004-2014 Michael J. Richardson


Synopsis :

The remote VPN concentrator reveals application layer banners.

Description :

The remote VPN concentrator gives out too much information in
application layer banners. An incorrect page request provides
the specific version of software installed. This vulnerability
is documented as Cisco bug ID CSCdu35577.

See also :

http://www.nessus.org/u?d2dd6759

Solution :

Apply vendor-supplied patch.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:H/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 14718 (CSCdu35577_web.nasl)

Bugtraq ID: 5624

CVE ID: CVE-2002-1094

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial