Cisco VPN Concentrator 3000 < 4.7.3 Crafted HTTP Packet DoS
High Nessus Network Monitor Plugin ID 3382
SynopsisThe remote host is vulnerable to a Denial of Service (DoS) attack.
DescriptionThe remote host is running the Cisco VPN Concentrator 3000 product. This version of the VPN Concentrator is vulnerable to a remote Denial of Service (DoS) attack. Specifically, an attacker with access to the HTTP port(s) can send a malformed query that, upon parsing, would cause the Concentrator to fail. Successful exploitation would result in a denial of service to valid users.
SolutionUpgrade to version 4.7.3 or higher.