Vulnerabilities > CVE-2002-0853 - Denial Of Service vulnerability in Cisco VPN Client Zero Length IKE Packet

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

cisco

NVD

Published: 2002-09-05

Updated: 2008-09-10

Summary

Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco VPN Client 3.5.1 Cisco VPN Client 3.5.2	8

References

http://www.cisco.com/warp/public/707/vpnclient-multiple-vuln-pub.shtml
http://www.iss.net/security_center/static/9821.php
http://www.kb.cert.org/vuls/id/287771
http://www.securityfocus.com/bid/5440