Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vpn_3002_hardware_client
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-12-22 | CVE-2005-4499 | The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. | Adaptive_security_appliance_software, Pix_asa_ids, Pix_firewall, Pix_firewall_501, Pix_firewall_506, Pix_firewall_515, Pix_firewall_515e, Pix_firewall_520, Pix_firewall_525, Pix_firewall_535, Pix_firewall_software, Secure_access_control_server, Vpn_3000_concentrator_series_software, Vpn_3001_concentrator, Vpn_3002_hardware_client, Vpn_3005_concentrator_software, Vpn_3015_concentrator, Vpn_3020_concentrator, Vpn_3030_concentator, Vpn_3060_concentrator, Vpn_3080_concentrator | N/A | ||
| 2005-03-30 | CVE-2005-0943 | Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet. | Vpn_3000_concentrator_series_software, Vpn_3002_hardware_client, Vpn_3005_concentrator_software, Vpn_3015_concentrator, Vpn_3020_concentrator, Vpn_3030_concentator, Vpn_3060_concentrator, Vpn_3080_concentrator | N/A | ||
| 2003-05-27 | CVE-2003-0260 | Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets. | Vpn_3000_concentrator_series_software, Vpn_3002_hardware_client, Vpn_3015_concentrator, Vpn_3030_concentator, Vpn_3060_concentrator, Vpn_3080_concentrator | N/A | ||
| 2003-05-27 | CVE-2003-0259 | Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet. | Vpn_3000_concentrator_series_software, Vpn_3002_hardware_client, Vpn_3015_concentrator, Vpn_3030_concentator, Vpn_3060_concentrator, Vpn_3080_concentrator | N/A | ||
| 2003-05-27 | CVE-2003-0258 | Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication. | Vpn_3000_concentrator_series_software, Vpn_3002_hardware_client, Vpn_3005_concentrator_software, Vpn_3015_concentrator, Vpn_3030_concentator, Vpn_3060_concentrator, Vpn_3080_concentrator | N/A | ||
| 2002-10-04 | CVE-2002-1103 | Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets. | Vpn_3000_concentrator_series_software, Vpn_3002_hardware_client | N/A | ||
| 2002-10-04 | CVE-2002-1102 | The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection. | Vpn_3000_concentrator_series_software, Vpn_3002_hardware_client | N/A | ||
| 2002-10-04 | CVE-2002-1101 | Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name. | Vpn_3000_concentrator_series_software, Vpn_3002_hardware_client | N/A | ||
| 2002-10-04 | CVE-2002-1100 | Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface. | Vpn_3000_concentrator_series_software, Vpn_3002_hardware_client | N/A | ||
| 2002-10-04 | CVE-2002-1099 | Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages. | Vpn_3000_concentrator_series_software, Vpn_3002_hardware_client | N/A |