« PaulDotCom Security Weekly - Episode 12 - Jan 27 2006 | Main | Introducing PaulDotCom Security Weekly TV »

Cisco VPN 3000 DoS Vulnerability - NOT FIXED

I just received word from an authoritative source on this vulnerability (actually the person that found it) and was informed that version 4.7.2B does not fix the DoS vulnerability. The only way to mitigate the risk is to block TCP port 80 on your concentrator (or upstream router/firewall), otherwise an attacker could send a stream of packets that takes out the concentrator and forces you to power cycle the box to get it back. Ouch.

Full Article

Thank you to Eldon Sprickerhoff for pointing this out.

.com

Posted by Paul Asadoorian on January 30, 2006 06:37 PM |

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)