Vulnerabilities > CVE-2002-1100 - Denial Of Service vulnerability in Cisco products

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
cisco
nessus
NVD
Published: 2002-10-04
Updated: 2018-10-30

Summary

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.

Vulnerable Configurations

Part Description Count
OS
Cisco
19
Application
Cisco
1

Nessus

NASL familyCISCO
NASL idCSCDX07754.NASL
descriptionThe remote VPN concentrator is subject to multiple flaws : - XML public rule - HTML pages access - HTML login processing This vulnerability is documented as Cisco bug ID CSCdx07754, CSCdx24622 and CSCdx24632.
last seen2020-06-01
modified2020-06-02
plugin id11293
published2003-03-01
reporterThis script is (C) 2003-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/11293
titleCisco VPN 3000 Concentrator Multiple Vulnerabilities (CSCdx07754, CSCdx24622, CSCdx24632)

References