{"vuid":"VU#221164","idnumber":"221164","name":"Cisco VPN 3000 Concentrator vulnerable to DoS via large number of malformed ICMP packets","keywords":["Cisco","VPN 3000 Concentrator","DoS","denial of service","malformed ICMP packet","CSCdt84906"],"overview":"A vulnerability in some Cisco Virtual Private Network (VPN) products could allow a remote attacker to cause a denial of service.","clean_desc":"The Cisco VPN 3000 Series Concentrators and the Cisco VPN 3002 Hardware Clients are Virtual Private Network (VPN) platforms designed to provide secure remote network access. Some models of these devices contain a vulnerability by which a flood of malformed ICMP packets could result in performance degradation or cause the affected device to reboot.","impact":"A denial-of-service condition can result from degraded performance or unexpected rebooting of the affected device.","resolution":"Cisco Systems Inc. has released software patches and workaround information for this vulnerability. Please see the vendor information section of this document for more details.","workarounds":"Workarounds Filter malformed ICMP packets on network devices that are upstream from the affected VPN Concentrator device. Sites may wish to apply this workaround in conjunction with the application of the recommended patches. As a general rule, the CERT/CC recommends that sites block all types of network traffic that are not explicitly required for normal operation.","sysaffected":"","thanks":"Thanks to Cisco Systems Product Security Incident Response Team for reporting this vulnerability.","author":"This document was written by Chad R Dougherty.","public":["http://www.cisco.com/warp/public/707/cisco-sa-20030507-vpn3k.shtml","http://www.iss.net/security_center/static/11956.php"],"cveids":["CVE-2003-0260"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2003-05-07T17:22:19Z","publicdate":"2003-05-07T00:00:00Z","datefirstpublished":"2003-06-23T18:13:10Z","dateupdated":"2003-06-23T18:13:16Z","revision":12,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"15","cam_impact":"8","cam_easeofexploitation":"14","cam_attackeraccessrequired":"15","cam_scorecurrent":"11.8125","cam_scorecurrentwidelyknown":"14.175","cam_scorecurrentwidelyknownexploited":"23.625","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":11.8125,"vulnote":null}