漏洞信息详情
Cisco VPN Concentrator HTTP错误页面装置信息泄漏漏洞
- CNNVD编号:CNNVD-200210-217
- 危害等级: 低危
- CVE编号: CVE-2002-1094
- 漏洞类型: 配置错误
- 发布时间: 2002-10-04
- 威胁类型: 远程
- 更新时间: 2005-10-20
- 厂 商: cisco
- 漏洞来源: Vulnerability anno...
漏洞简介
Cisco VPN 3000 Concentrator 3.5.4之前的2.x.x和3.x.x版本存在信息泄漏漏洞。远程攻击者借助(1)SSH banner,(2)FTP banner,或者(3)不正确的HTTP请求获取潜在的敏感信息。
漏洞公告
Cisco has released fixes which address this issue. For Cisco VPN 3002 Hardware Client, this issue is addressed in versions 3.5.5 and 3.6.1 of the firmware. Cisco VPN 3000 Concentrator 3.5 (Rel)
- Cisco VPN 3000 Concentrator 3.5.4 http://www.cisco.com/tac
- Cisco VPN 3000 Concentrator 3.5.4 http://www.cisco.com/tac
- Cisco VPN 3000 Concentrator 3.5.4 http://www.cisco.com/tac
- Cisco VPN 3000 Concentrator 3.5.4 http://www.cisco.com/tac
参考网址
来源: BID 名称: 5624 链接:http://www.securityfocus.com/bid/5624 来源: BID 名称: 5623 链接:http://www.securityfocus.com/bid/5623 来源: BID 名称: 5621 链接:http://www.securityfocus.com/bid/5621 来源: XF 名称: cisco-vpn-banner-information(10020) 链接:http://www.iss.net/security_center/static/10020.php 来源: CISCO 名称: 20020903 Cisco VPN 3000 Concentrator Multiple Vulnerabilities 链接:http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.sHTML
受影响实体
- Cisco Vpn_3000_concentrator:3.5.3
- Cisco Vpn_3000_concentrator:3.5.2
- Cisco Vpn_3000_concentrator:3.5.1
- Cisco Vpn_3000_concentrator:3.5%28rel%29
- Cisco Vpn_3000_concentrator:3.1.4
补丁
暂无
评论