Vulnerability Note VU#761651
Cisco VPN 3000 series concentrator does not properly handle malformed ISAKMP packets
Cisco VPN 3000 series concentrators do not properly handle specially crafted Internet Security Association and Key Management Protocol (ISAKMP) packets, which can cause a vulnerable device to reload, denying service to legitimate users.
According to information on the Cisco web site:
"The Cisco VPN 3000 Series Concentrators are a family of purpose-built, remote access Virtual Private Network (VPN) platforms and client software that incorporates high availability, high performance and scalability with the most advanced encryption and authentication techniques available today."
Cisco has released an advisory addressing this and other vulnerabilities in the Cisco VPN 3000 series concentrator. VU#761651 corresponds to Cisco bug ID CSCdy38035. According to the details of the Cisco advisory, this vulnerability can also be exploited by an ISAKMP packet with a large number of payloads or, if debug is enabled, by large or otherwise malformed ISAKMP packets.
An unauthenticated, remote attacker can cause a vulnerable device to reload by sending specially crafted ISAKMP packets to port 500/udp.
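A receiver-side sanity check for the packet classes the advisory names (many payloads, inconsistent lengths), added here as an example and not taken from CERT/CC or Cisco. It assumes the RFC 2408 header layout; `check_isakmp`, `MAX_PAYLOADS` and the sample message are hypothetical names, and the limit of 32 is an assumed local policy, not a value from the advisory.

```python
import struct

ISAKMP_HDR = struct.Struct("!8s8sBBBBII")  # RFC 2408 section 3.1: fixed 28-byte header
GENERIC_HDR = struct.Struct("!BBH")        # next payload, reserved, payload length
FLAG_ENCRYPTED = 0x01                      # payloads after the header are encrypted
MAX_PAYLOADS = 32                          # assumed local policy limit (not from the advisory)


def check_isakmp(datagram, max_payloads=MAX_PAYLOADS):
    """Return a list of findings for one 500/udp datagram; empty means well formed."""
    if len(datagram) < ISAKMP_HDR.size:
        return ["truncated header"]
    _, _, next_payload, _, _, flags, _, length = ISAKMP_HDR.unpack_from(datagram)
    findings = []
    if length != len(datagram):
        findings.append("header length %d != datagram length %d" % (length, len(datagram)))
    if flags & FLAG_ENCRYPTED:
        return findings  # the payload chain cannot be walked without the keys
    offset, count = ISAKMP_HDR.size, 0
    while next_payload != 0:
        if offset + GENERIC_HDR.size > len(datagram):
            findings.append("payload chain runs past end of datagram")
            break
        next_payload, _, plen = GENERIC_HDR.unpack_from(datagram, offset)
        # A length below 4 would stall or rewind the walk; one past the end overreads.
        if plen < GENERIC_HDR.size or offset + plen > len(datagram):
            findings.append("bad payload length %d at offset %d" % (plen, offset))
            break
        offset += plen
        count += 1
        if count > max_payloads:
            findings.append("more than %d payloads" % max_payloads)
            break
    else:
        if offset != len(datagram):
            findings.append("trailing bytes after last payload")
    return findings


# Constructed sample (not a capture): header plus two 8-byte payloads, types 1 and 13.
_chain = GENERIC_HDR.pack(13, 0, 8) + b"\x00" * 4 + GENERIC_HDR.pack(0, 0, 8) + b"\x00" * 4
SAMPLE_OK = ISAKMP_HDR.pack(b"\x11" * 8, b"\x00" * 8, 1, 0x10, 2, 0, 0, 28 + len(_chain)) + _chain
```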
Systems Affected
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Cisco Systems Inc. | Affected | 20 Aug 2002 | 03 Sep 2002 |
The CERT/CC thanks Phenoelit for reporting this vulnerability and Cisco for information used in this document.
This document was written by Art Manion.
- CVE IDs: CAN-2002-1103
- Date Public: 03 Sep 2002
- Date First Published: 03 Sep 2002
- Date Last Updated: 14 Nov 2002
- Severity Metric: 7.73
- Document Revision: 22