icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Cisco VPN Concentrator "No Encryption" Option Remote DoS (Bug ID CSCdx39981)

Medium

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote VPN concentrator is subject to a VPN client authentication vulnerability that can force a reload of the concentrator when a very large string for the username prompt is sent. This vulnerability is documented as Cisco bug ID CSCdx39981

Solution

http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml