Summary
The remote VPN concentrator gives out too much information in application layer banners.
An incorrect page request provides the specific version of software installed.
This vulnerability is documented as Cisco bug ID CSCdu35577.
Solution
http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml
Severity
Classification
-
CVE CVE-2002-1094 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities