Vulnwatch mailing list archives

Re: Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack

From: Mike Iglesias <iglesias () draco acs uci edu>
Date: Tue, 31 Jan 2006 23:15:35 -0800

Finally, the advisory states that upgrading to firmware version 4.7.2B is
sufficient to defend against this exploit.  This is not the case.  The
original tests WERE performed against VPN 3000 appliances running 4.7.1
but subsequent tests show that 4.7.2B is also susceptible to this
exploit.  The only way to resolve this issue is to block tcp/80 via ACL or
by disabling it on the WebVPN.


FYI: I asked Cisco which version this bug was fixed in, and they said
that 4.7.2(C) has the fix.


Mike Iglesias                          Email:       iglesias () uci edu
University of California, Irvine       phone:       949-824-6926
Network & Academic Computing Services  FAX:         949-824-2069

Current thread:

Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack Cisco Systems Product Security Incident Response Team (Jan 26)
- <Possible follow-ups>
- Re: Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack Eldon Sprickerhoff (Jan 31)
  - Re: Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack Mike Iglesias (Feb 01)