Cisco VPN Concentrator FTP Banner设备信息泄露漏洞发布时间:2002-09-10 更新时间:2002-09-10 严重程度:中 威胁程度:服务器信息泄露 错误类型:配置错误 利用方式:服务器模式 BUGTRAQ ID:5623 受影响系统 Cisco VPN 3000 Concentrator 2.0详细描述 Cisco VPN 3000 series concentrators是一系列通过VPN通信的产品。 在部分环境下,远程攻击者可能获得系统敏感信息,FTP banner可以泄露很多会话相关的信息,通过这些信息可以进一步都系统进行攻击。 测试代码 无 解决方案 升级固件: Cisco VPN 3002 Hardware Client : Cisco VPN 3000 Concentrator 2.0: Cisco VPN 3000 Concentrator 2.5.2 (F): Cisco VPN 3000 Concentrator 2.5.2 (D): Cisco VPN 3000 Concentrator 2.5.2 (C): Cisco VPN 3000 Concentrator 2.5.2 (B): Cisco VPN 3000 Concentrator 2.5.2 (A): Cisco VPN 3000 Concentrator 3.0 (Rel): Cisco VPN 3000 Concentrator 3.0: Cisco VPN 3000 Concentrator 3.0.3 (B): Cisco VPN 3000 Concentrator 3.0.3 (A): Cisco VPN 3000 Concentrator 3.0.4: Cisco VPN 3000 Concentrator 3.1 (Rel): Cisco VPN 3000 Concentrator 3.1.1: Cisco VPN 3000 Concentrator 3.1.2: Cisco VPN 3000 Concentrator 3.1.4: Cisco VPN 3000 Concentrator 3.5 (Rel): Cisco Upgrade VPN 3000 Concentrator 3.5.4 http://www.cisco.com/tac Cisco VPN 3000 Concentrator 3.5.1: Cisco Upgrade VPN 3000 Concentrator 3.5.4 http://www.cisco.com/tac Cisco VPN 3000 Concentrator 3.5.2: Cisco Upgrade VPN 3000 Concentrator 3.5.4 http://www.cisco.com/tac Cisco VPN 3000 Concentrator 3.5.3: Cisco Upgrade VPN 3000 Concentrator 3.5.4 http://www.cisco.com/tac 相关信息 Cisco Security Advisory. 参考:http://online.securityfocus.com/advisories/4446 |
