• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cisco VPN 3000 Series Concentrator User Credential Disclosure Vulnerability

Solution:
Cisco has released fixes which address this issue. For Cisco VPN 3002 Hardware Client, this issue is addressed in versions 3.5.5 and 3.6.1 of the firmware.


Cisco VPN 3000 Concentrator 3.1 (Rel)

• Cisco VPN 3000 Concentrator 3.1.4
  http://www.cisco.com/tac

Cisco VPN 3000 Concentrator 3.1.1

• Cisco VPN 3000 Concentrator 3.1.4
  http://www.cisco.com/tac

Cisco VPN 3000 Concentrator 3.1.2

• Cisco VPN 3000 Concentrator 3.1.4
  http://www.cisco.com/tac

Cisco VPN 3000 Concentrator 3.5 (Rel)

• Cisco VPN 3000 Concentrator 3.5.1
  http://www.cisco.com/tac