Cisco Systems Inc. Information for VU#287771
Multiple vendors' Internet Key Exchange (IKE) implementations do not properly handle IKE response packets
- Vendor Information Help Date Notified: 08 May 2002
- Statement Date:
- Date Updated: 09 Aug 2002
The vendor has not provided us with any further information regarding this vulnerability.
According to the report, the Cisco VPN Client 3.5 running on Windows NT 4.0 SP6 contains two buffer overflows, one of which may be exploitable. In addition, the Client contains two denial-of-service conditions.
If you have feedback, comments, or additional information about this vulnerability, please send us email.