PT-2005-2077 · Cisco · Cisco Ios+1

Published

2005-04-12

Updated

2017-10-11

CVE-2005-1057

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.2T, 12.3, and 12.3T

Description The issue allows remote attackers to bypass authentication by using a "malformed packet" when the Easy VPN Server XAUTH version 6 authentication is in use.

Recommendations For Cisco IOS versions 12.2T, 12.3, and 12.3T, consider disabling the Easy VPN Server XAUTH version 6 authentication until a patch is available. Restrict access to the Easy VPN Server to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1057

Affected Products

Cisco Ios

Easy Vpn Server

PT-2005-2077 · Cisco · Cisco Ios+1

CVE-2005-1057

Related Identifiers

Affected Products

References · 3