Vulnerabilities > CVE-2002-1092 - Unspecified vulnerability in Cisco VPN 3000 Concentrator Series Software
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cisco
nessus
Summary
Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.
Vulnerable Configurations
Nessus
NASL family CISCO NASL id CSCDV66718.NASL description The remote VPN concentrator has a bug in its PPTP client. This vulnerability is documented as Cisco bug ID CSCdv66718. last seen 2020-06-01 modified 2020-06-02 plugin id 11291 published 2003-03-01 reporter This script is (C) 2003-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/11291 title Cisco VPN 3000 Concentrator PPTP/IPSEC Group Credential Authentication Bypass (CSCdv66718) NASL family CISCO NASL id CSCDT56514.NASL description The remote VPN concentrator is vulnerable to an internal PPTP / IPSEC authentication login attack. This vulnerability is documented as Cisco bug ID CSCdt56514. last seen 2020-06-01 modified 2020-06-02 plugin id 11287 published 2003-03-01 reporter This script is (C) 2003-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/11287 title Cisco VPN 3000 Concentrator Multiple Vulnerabilities (CSCdt56514, CSCdv66718)