Re: [VulnWatch] Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack

From: Mike Iglesias (iglesias@private)
Date: Tue Jan 31 2006 - 23:15:35 PST


> Finally, the advisory states that upgrading to firmware version 4.7.2B is
> sufficient to defend against this exploit.  This is not the case.  The
> original tests WERE performed against VPN 3000 appliances running 4.7.1
> but subsequent tests show that 4.7.2B is also susceptible to this
> exploit.  The only way to resolve this issue is to block tcp/80 via ACL or
> by disabling it on the WebVPN.

FYI: I asked Cisco which version this bug was fixed in, and they said
that 4.7.2(C) has the fix.


Mike Iglesias                          Email:       iglesias@private
University of California, Irvine       phone:       949-824-6926
Network & Academic Computing Services  FAX:         949-824-2069


