• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cisco VPN 3000 Series Concentrator Web Interface Information Disclosure Vulnerability

Cisco VPN 3000 series concentrators leave some areas of the web interface exposed to unauthenticated web users. It has been reported that some of the exposed web pages may contain a limited amount of sensitive information which may potentially be of use to remote attackers.

Attackers may use the sensitive information disclosed in this manner to potentially aid in mounting further attacks against the device and the network.