CVE-2002-0852

Name of the Vulnerable Software and Affected Versions: Cisco Virtual Private Network (VPN) Client versions 3.5.4 and earlier

Description: The issue allows remote attackers to cause a denial of service. This can be achieved via an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or an IKE packet with a large number of valid payloads.

Recommendations: For Cisco Virtual Private Network (VPN) Client versions 3.5.4 and earlier, update to a version later than 3.5.4 to resolve the issue.