Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Cisco VPN Contentrator IPSec over TCP port connectivity

Cisco VPN Contentrator IPSec over TCP port connectivity

by Mario Miri on May 17th, 2003 Cisco VPN contratrators do not properly handle IPSec over TCP traffic, which allows the attacker to gain access to the port behind the concetrator.


Vulnerable:
Cisco VPN 3000 Concentrator 3.5 (Rel)
Cisco VPN 3000 Concentrator 3.5.1
Cisco VPN 3000 Concentrator 3.5.2
Cisco VPN 3000 Concentrator 3.5.3
Cisco VPN 3000 Concentrator 3.5.4
Cisco VPN 3000 Concentrator 3.5.5
Cisco VPN 3000 Concentrator 3.6
Cisco VPN 3000 Concentrator 3.6.1
Cisco VPN 3000 Concentrator 3.6.7 D
Cisco VPN 3000 Concentrator 4.0
Cisco VPN 3002 Hardware Client
Cisco VPN 3005 Concentrator 3.6.3
Cisco VPN 3005 Concentrator 3.6.5
Cisco VPN 3005 Concentrator 3.6.7 D
Cisco VPN 3005 Concentrator 3.6.7 C
Cisco VPN 3005 Concentrator 3.6.7 B
Cisco VPN 3005 Concentrator 3.6.7 A
Cisco VPN 3005 Concentrator 3.6.7
Cisco VPN 3005 Concentrator 4.0
Cisco VPN 3005 Concentrator 4.0.1
Cisco VPN 3015 Concentrator
Cisco VPN 3030 Concentrator
Cisco VPN 3060 Concentrator
Cisco VPN 3080 Concentrator


Solution:
Cisco suggested workaround:
Add rules to the filter for the private interface that restrict outgoing traffic on ports configured for use by IPSec over TCP on the VPN concentrator. This would not stop the traffic from the public network reaching the VPN 3000 concentrator itself but would prevent the traffic from reaching the servers on the private network.

Fixes are available:
http://www.cisco.com


Discovered by:
Announced by CISCO


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »