[ BUG/VIRUS ALERT ] Multiple vulnerabilities for the Cisco VPN 3000 series concentrators

Madrid, September 4, 2002 -- Cisco has reported -at http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml - the existence of 13 security problems in Cisco VPN 3000 series concentrators(*).

The vulnerabilities are diverse and some could allow unauthorized access to the network, password disclosure, or be exploited to initiate a denial of service attack. The roblems affect various functionalities of the Cisco VPN 3000 concentrators and do not affect all versions. The Cisco VPN 3000 series concentrators affected by these vulnerabilities includes models 3005, 3015, 3030, 3060, 3080 and the Cisco VPN 3002 Hardware Client.

Full details on these vulnerabilities, the products affected and the patches available can be consulted in Cisco's security advisory at: http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml

(*) The Cisco VPN 3000 series concentrators are a family of purpose-built, remote access Virtual Private Network (VPN) platforms for data encryption and authentication.

- Bug/Virus alert was taken from Panda Software's mailing list