Vulnerabilities > CVE-2002-1093 - Denial Of Service vulnerability in Cisco HTTP Interface Long Request

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

cisco

nessus

NVD

Published: 2002-10-04

Updated: 2018-10-30

Summary

HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco VPN 3000 Concentrator Series Software 2.0 Cisco VPN 3000 Concentrator Series Software 2.5.2.A Cisco VPN 3000 Concentrator Series Software 2.5.2.B Cisco VPN 3000 Concentrator Series Software 2.5.2.C Cisco VPN 3000 Concentrator Series Software 2.5.2.D Cisco VPN 3000 Concentrator Series Software 2.5.2.F Cisco VPN 3000 Concentrator Series Software 3.0 Cisco VPN 3000 Concentrator Series Software 3.0\(Rel\) Cisco VPN 3000 Concentrator Series Software 3.0.3.A	9

Nessus

NASL family	CISCO
NASL id	CSCDU15622.NASL
description	The remote VPN concentrator has a vulnerability in its HTML parser processor. This vulnerability is documented as Cisco bug ID CSCdu15622.
last seen	2020-06-01
modified	2020-06-02
plugin id	11288
published	2003-03-01
reporter	This script is (C) 2003-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/11288
title	Cisco VPN 3000 Concentrator HTML Interface Long URL DoS (CSCdu15622)
code	# # (C) Tenable Network Security, Inc. # # # Thanks to Nicolas FISCHBACH ([email protected]) for his help # # Ref: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020903-vpn3k-vulnerability include("compat.inc"); if(description) { script_id(11288); script_bugtraq_id(5615); script_cve_id("CVE-2002-1093"); script_version("1.19"); script_name(english:"Cisco VPN 3000 Concentrator HTML Interface Long URL DoS (CSCdu15622)"); script_set_attribute(attribute:"synopsis", value: "The remote device is missing a vendor-supplied security patch." ); script_set_attribute(attribute:"description", value: "The remote VPN concentrator has a vulnerability in its HTML parser processor. This vulnerability is documented as Cisco bug ID CSCdu15622." ); script_set_attribute(attribute:"solution", value: "http://www.nessus.org/u?d2dd6759" ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_publication_date", value: "2003/03/01"); script_set_attribute(attribute:"vuln_publication_date", value: "2002/09/03"); script_cvs_date("Date: 2018/06/27 18:42:25"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value: "cpe:/o:cisco:ios"); script_end_attributes(); summary["english"] = "Uses SNMP to determine if a flaw is present"; script_summary(english:summary["english"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is (C) 2003-2018 Tenable Network Security, Inc."); script_family(english:"CISCO"); script_dependencie("snmp_sysDesc.nasl"); script_require_keys("SNMP/community", "SNMP/sysDesc", "CISCO/model"); exit(0); } # The code starts here ok=0; os = get_kb_item("SNMP/sysDesc"); if(!os)exit(0); # Is this a VPN3k concentrator ? if(!egrep(pattern:".VPN 3000 Concentrator.", string:os))exit(0); # < 3.0.3(B) if(egrep(pattern:".Version 3\.0\.[0-2].", string:os))ok = 1; # 2.x.x if(egrep(pattern:".Version 2\..", string:os))ok = 1; if(ok)security_warning(port:161, proto:"udp");

Summary

Vulnerable Configurations

Nessus

References