Описание
Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large number of valid payloads.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:vpn_client:3.5.1:*:linux:*:*:*:*:*
cpe:2.3:a:cisco:vpn_client:3.5.1:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:cisco:vpn_client:3.5.1:*:solaris:*:*:*:*:*
cpe:2.3:a:cisco:vpn_client:3.5.1:*:windows:*:*:*:*:*
cpe:2.3:a:cisco:vpn_client:3.5.2:*:linux:*:*:*:*:*
cpe:2.3:a:cisco:vpn_client:3.5.2:*:mac_os_x:*:*:*:*:*
cpe:2.3:a:cisco:vpn_client:3.5.2:*:solaris:*:*:*:*:*
cpe:2.3:a:cisco:vpn_client:3.5.2:*:windows:*:*:*:*:*
EPSS
Процентиль: 72%
0.00714
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Buffer overflows in Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service via (1) an Internet Key Exchange (IKE) with a large Security Parameter Index (SPI) payload, or (2) an IKE packet with a large number of valid payloads.
EPSS
Процентиль: 72%
0.00714
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other