Cisco VPN Client Predictable Sequence Number Vulnerability


Published: 2002-09-11
Updated: 2002-09-11
Severity:
Threat level: Spoofing
Error type: Design error
Exploitation method: Client mode

BUGTRAQ ID:5653

Affected Systems
Cisco VPN Client 2.0 for Windows
Cisco VPN Client 3.0 for Windows
Cisco VPN Client 3.0.5 for Windows
Cisco VPN Client 3.1 for Windows
Cisco VPN Client 3.5.1 C for Windows
Cisco VPN Client 3.5.1 for Windows
Cisco VPN Client 3.5.1 for Solaris
Cisco VPN Client 3.5.1 for Mac OS X
Cisco VPN Client 3.5.1 for Linux
Cisco VPN Client 3.5.2 for Windows
Cisco VPN Client 3.5.2 for Solaris
Cisco VPN Client 3.5.2 for Mac OS X
Cisco VPN Client 3.5.2 for Linux
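Detailed Description
Cisco reports that the random number generation mechanism in the Cisco VPN Client is not strong enough. By guessing VPN session sequence numbers, an attacker can carry out a man-in-the-middle attack or inject packets into the connection, which can lead to session hijacking, unauthorized access to the VPN server, and other attacks.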

Test Code


Solution
Upgrade to version 3.5.2B:

Cisco VPN Client 2.0 for Windows:
Cisco VPN Client 3.0 for Windows:
Cisco VPN Client 3.0.5 for Windows:
Cisco VPN Client 3.1 for Windows:
Cisco VPN Client 3.5.1 C for Windows:

Cisco Upgrade VPN Client 3.5.2B


Cisco VPN Client 3.5.1 for Windows:

Cisco Upgrade VPN Client 3.5.2B


Cisco VPN Client 3.5.1 for Solaris:

Cisco Upgrade VPN Client 3.5.2B


Cisco VPN Client 3.5.1 for Mac OS X:

Cisco Upgrade VPN Client 3.5.2B


Cisco VPN Client 3.5.1 for Linux:

Cisco Upgrade VPN Client 3.5.2B


Cisco VPN Client 3.5.2 for Windows:

Cisco Upgrade VPN Client 3.5.2B


Cisco VPN Client 3.5.2 for Solaris:

Cisco Upgrade VPN Client 3.5.2B


Cisco VPN Client 3.5.2 for Mac OS X:

Cisco Upgrade VPN Client 3.5.2B


Cisco VPN Client 3.5.2 for Linux:

Cisco Upgrade VPN Client 3.5.2B

Related Information
Reference: http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml