Cisco VPN 3000 series concentrators do not properly handle specially crafted Internet Security Association and Key Management Protocol (ISAKMP) packets, which can cause a vulnerable device to reload, denying service to legitimate users.
According to information on the Cisco web site,
The Cisco VPN 3000 Series Concentrators are a family of purpose-built, remote access Virtual Private Network (VPN) platforms and client software that incorporates high availability, high performance and scalability with the most advanced encryption and authentication techniques available today.
An unauthenticated, remote attacker can cause a vulnerable device to reload by sending specially crafted ISAKMP packets to port 500/udp.
The CERT/CC thanks Phenoelit for reporting this vulnerability and Cisco for information used in this document.
This document was written by Art Manion.
|Date First Published:||2002-09-03|
|Date Last Updated:||2002-11-14 05:04 UTC|