Vulnerabilities > Cisco > VPN 3000 Concentrator Series Software > 3.6.7.b

DATE CVE VULNERABILITY TITLE RISK
2005-06-20 CVE-2005-2025 Unspecified vulnerability in Cisco products
Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname.
network
low complexity
cisco
5.0
2005-03-30 CVE-2005-0943 Remote Denial of Service vulnerability in Cisco VPN 3000 Concentrator
Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet.
network
low complexity
cisco
5.0
2003-05-27 CVE-2003-0259 Denial-Of-Service vulnerability in VPN 3000 Concentrator
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet.
network
low complexity
cisco
5.0
2003-05-27 CVE-2003-0258 Remote Security vulnerability in VPN 3000 Concentrator
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication.
network
low complexity
cisco
7.5