Cisco Systems Inc. Information for VU#287771

Multiple vendors' Internet Key Exchange (IKE) implementations do not properly handle IKE response packets



Vendor Statement

Please see

    Vendor Information

    The vendor has not provided us with any further information regarding this vulnerability.

    Vendor References



    According to the report, the Cisco VPN Client 3.5 running on Windows NT 4.0 SP6 contains two buffer overflows, one of which may be exploitable. In addition, the Client contains two denial-of-service conditions.

    If you have feedback, comments, or additional information about this vulnerability, please send us email.