PT-2003-1469 · Cisco · Cisco Vpn 3002 Hardware Client+1

Published

2003-05-08

Updated

2018-10-30

CVE-2003-0260

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client versions 2.x.x through 3.6.7A

Description: The issue allows remote attackers to cause a denial of service, resulting in slowdown and possible reload, by flooding the system with malformed ICMP packets.

Recommendations: For Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client versions 2.x.x through 3.6.7A, consider implementing rate limiting on ICMP packets to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0260

Affected Products

Cisco Vpn 3000 Series Concentrators

Cisco Vpn 3002 Hardware Client

PT-2003-1469 · Cisco · Cisco Vpn 3002 Hardware Client+1

CVE-2003-0260

Related Identifiers

Affected Products

References · 4