CVE-2002-1094

Published: Oct 4, 2002Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request.

Affected (20)

Products: Cisco: Vpn 3000 Concentrator Series Software, Vpn 3002 Hardware Client

Cisco

2 products

Vpn 3000 Concentrator Series Software

Vpn 3002 Hardware Client

Configuration A

20 vulnerable

Vulnerable Software	Affected Versions
Cisco Vpn 3000 Concentrator Series Software	Version 2.0
Cisco Vpn 3000 Concentrator Series Software	Version 2.5.2.a
Cisco Vpn 3000 Concentrator Series Software	Version 2.5.2.b
Cisco Vpn 3000 Concentrator Series Software	Version 2.5.2.c
Cisco Vpn 3000 Concentrator Series Software	Version 2.5.2.d
Cisco Vpn 3000 Concentrator Series Software	Version 2.5.2.f
Cisco Vpn 3000 Concentrator Series Software	Version 3.0.3.a
Cisco Vpn 3000 Concentrator Series Software	Version 3.0.3.b
Cisco Vpn 3000 Concentrator Series Software	Version 3.0.4
Cisco Vpn 3000 Concentrator Series Software	Version 3.0
Cisco Vpn 3000 Concentrator Series Software	Version 3.0(rel)
Cisco Vpn 3000 Concentrator Series Software	Version 3.1.1
Cisco Vpn 3000 Concentrator Series Software	Version 3.1.2
Cisco Vpn 3000 Concentrator Series Software	Version 3.1.4
Cisco Vpn 3000 Concentrator Series Software	Version 3.1(rel)
Cisco Vpn 3000 Concentrator Series Software	Version 3.5.1
Cisco Vpn 3000 Concentrator Series Software	Version 3.5.2
Cisco Vpn 3000 Concentrator Series Software	Version 3.5.3
Cisco Vpn 3000 Concentrator Series Software	Version 3.5(rel)
Cisco Vpn 3002 Hardware Client	All versions