Cisco IOS IKE XAUTH ISAKMP IPSec SA Establish Authentication Bypass (CSCeg00277)

This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.

Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

The remote version of IOS contains a feature called 'Easy VPN Server' that
allows the administrator of the remote router to create a lightweight VPN

There is an implementation flaw in the remote version of this software
that could allow an authorized user to complete authentication and access
the VPN remotely.

Solution :

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.1
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 17986 (CSCeg00277.nasl)

Bugtraq ID: 13033

CVE ID: CVE-2005-1058