• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cisco IOS Easy VPN Server XAUTH Authentication Bypass Vulnerability

Cisco IOS Easy VPN Server is reported prone to an authentication bypass vulnerability. This issue can allow remote attackers to bypass Extended Authentication (XAUTH) and gain unauthorized access to resources.

An unauthorized attacker may send certain malformed UDP packets to UDP port 500 to complete XAUTH authentication and gain unauthorized access to network resources.