CVE-2002-1095

Name of the Vulnerable Software and Affected Versions: Cisco VPN 3000 Concentrator versions prior to 2.5.2(F)

Description: The issue allows remote attackers to cause a denial of service, resulting in a reload of the system. This can be achieved by using a Windows-based PPTP client with the No Encryption option set, while the encryption is enabled on the concentrator.

Recommendations: For versions prior to 2.5.2(F), update to version 2.5.2(F) or later to resolve the issue. As a temporary workaround, consider disabling the encryption or restricting access to the PPTP client to minimize the risk of exploitation.