Vpn 3005 Concentrator Software

vpn_3005_concentrator_software

Vendor: Cisco • 5 CVEs

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2006-3906 1Cisco 21Adaptive Security Appliance Software IosPix Asa Ids+18 more Apr 16, 2026 Jul 27, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-...Show more Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected.Show less
CVE-2005-4499 1Cisco 21Adaptive Security Appliance Software Pix Asa IdsPix Firewall+18 more Apr 16, 2026 Dec 22, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hi...Show more The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS.Show less
CVE-2005-2025 1Cisco 8Vpn 3000 Concentrator Vpn 3000 Concentrator Series SoftwareVpn 3005 Concentrator Software+5 more Apr 16, 2026 Jun 20, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is...Show more Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname.Show less
CVE-2005-0943 1Cisco 8Vpn 3000 Concentrator Series Software Vpn 3002 Hardware ClientVpn 3005 Concentrator Software+5 more Apr 16, 2026 Mar 30, 2005 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet.
CVE-2003-0258 1Cisco 7Vpn 3000 Concentrator Series Software Vpn 3002 Hardware ClientVpn 3005 Concentrator Software+4 more Apr 16, 2026 May 27, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authe...Show more Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication.Show less