Cisco VPN 3000 Series Concentrator ISAKMP可导致拒绝服务攻击发布时间:2002-09-10 更新时间:2002-09-10 严重程度:中 威胁程度:远程拒绝服务 错误类型:意外情况处置错误 利用方式:服务器模式 BUGTRAQ ID:5619 受影响系统 Cisco VPN 3000 Concentrator 2.0详细描述 Cisco VPN 3000 series concentrators是一系列通过VPN进行安全通信的产品。 攻击者可以构造恶意的Internet Security Association和Key Management Protocol (ISAKMP)协议的包发送给VPN 3000设备,可导致设备重载,产生网络/VPN服务停止响应。 测试代码 无 解决方案 联系供应商固件升级: Cisco VPN 3002 Hardware Client : Cisco VPN 3000 Concentrator 2.0: Cisco VPN 3000 Concentrator 2.5.2 (F): Cisco VPN 3000 Concentrator 2.5.2 (D): Cisco VPN 3000 Concentrator 2.5.2 (C): Cisco VPN 3000 Concentrator 2.5.2 (B): Cisco VPN 3000 Concentrator 2.5.2 (A): Cisco VPN 3000 Concentrator 3.0 (Rel): Cisco VPN 3000 Concentrator 3.0: Cisco VPN 3000 Concentrator 3.0.3 (B): Cisco VPN 3000 Concentrator 3.0.3 (A): Cisco VPN 3000 Concentrator 3.0.4: Cisco VPN 3000 Concentrator 3.1 (Rel): Cisco VPN 3000 Concentrator 3.1: Cisco VPN 3000 Concentrator 3.1.1: Cisco VPN 3000 Concentrator 3.1.2: Cisco VPN 3000 Concentrator 3.1.4: Cisco VPN 3000 Concentrator 3.5 (Rel): Cisco Upgrade VPN 3000 Concentrator 3.5.4 http://www.cisco.com/tac Cisco VPN 3000 Concentrator 3.5.1: Cisco Upgrade VPN 3000 Concentrator 3.5.4 http://www.cisco.com/tac Cisco VPN 3000 Concentrator 3.5.2: Cisco Upgrade VPN 3000 Concentrator 3.5.4 http://www.cisco.com/tac Cisco VPN 3000 Concentrator 3.5.3: Cisco Upgrade VPN 3000 Concentrator 3.5.4 http://www.cisco.com/tac 相关信息 Cisco Security Advisory. 参考:http://online.securityfocus.com/advisories/4446 |
