Cisco VPN 3000 Series Concentrator用户凭据泄露漏洞

漏洞信息详情

Cisco VPN 3000 Series Concentrator用户凭据泄露漏洞

• CNNVD编号：CNNVD-200210-142
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2002-1096
  
• 漏洞类型：
  
  
  设计错误
  
• 发布时间：
  
  2002-10-04
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-05-13
  
• 厂        商：
  
  cisco
• 漏洞来源：
  Vulnerability anno…

Cisco VPN 3000 Concentrator 3.5.1之前的2.2.x，和3.x版本存在漏洞。受限制的管理员利用该漏洞可以获取以明文方式存储在HTML源代码中的用户密码。

Cisco has released fixes which address this issue. For Cisco VPN 3002 Hardware Client, this issue is addressed in versions 3.5.5 and 3.6.1 of the firmware.
Cisco VPN 3000 Concentrator 3.1 (Rel)

• Cisco VPN 3000 Concentrator 3.1.4
  
  http://www.cisco.com/tac

Cisco VPN 3000 Concentrator 3.1.1

• Cisco VPN 3000 Concentrator 3.1.4
  
  http://www.cisco.com/tac

Cisco VPN 3000 Concentrator 3.1.2

• Cisco VPN 3000 Concentrator 3.1.4
  
  http://www.cisco.com/tac

Cisco VPN 3000 Concentrator 3.5 (Rel)

• Cisco VPN 3000 Concentrator 3.5.1
  
  http://www.cisco.com/tac

来源: XF
名称: cisco-vpn-user-passwords(10019)
链接:http://www.iss.net/security_center/static/10019.php

来源: CISCO
名称: 20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities
链接:http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml

来源: BID
名称: 5611
链接:http://www.securityfocus.com/bid/5611