Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing.
https://exchange.xforce.ibmcloud.com/vulnerabilities/10046
http://www.securityfocus.com/bid/5653
http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml