Cisco VPN Client Zero Length IKE Packet Denial Of Service Vulnerability

Cisco VPN Client Zero Length IKE Packet Denial Of Service Vulnerability

The Cisco VPN Client is Virtual Private Network software. Some versions of the VPN Client are vulnerable to a denial of service attack.

When vulnerable clients receive a specific IKE packet with a zero length payload, the VPN client will consume all available processor time. This may result in a denial of service condition, and require that the VPN client process be manually killed and restarted in order to regain normal functionality.