Title: Cisco VPN 3000 Series Concentrator ISAKMP Denial of Service Vulnerabilities
Severity: HIGH
Description:
Cisco VPN 3000 series concentrators are a family of products for facilitating secure communications over a VPN (virtual private network).
There are a number of circumstances where maliciously constructed Internet Security Association and Key Management Protocol (ISAKMP) packets may cause the affected device to reload.
Cisco has reported that the following will trigger the condition:
- Receipt of a 'malformed' ISAKMP packet. Precisely how the packet must be malformed is not currently known.
- Receipt of various 'malformed' ISAKMP packets while debug mode is enabled. Precisely how the packets are malformed is not currently known.
- Receipt of an ISAKMP packet containing a very large number of payloads.
- Receipt of large ISAKMP packets while debug mode is enabled.
Each of these circumstances may result in the device reloading. Repeated attacks may result in a denial of network/VPN service.
** This issue was originally covered in Bugtraq ID 5609 "Multiple Cisco VPN 3000 Vulnerabilities" and is now being assigned an individual Bugtraq ID.
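The payload-count and packet-size conditions listed above can be screened for on captured UDP/500 datagrams. The following Python sketch is an added example, not code from Cisco or from this advisory: it walks the ISAKMP payload chain using the RFC 2408 header layout and flags excessive payload counts and oversized packets. The function names and both thresholds are assumptions, and the structural checks are generic sanity checks that do not claim to match the undisclosed malformation.

```python
import struct

ISAKMP_HDR = struct.Struct("!8s8sBBBBII")  # RFC 2408 sec. 3.1 fixed header, 28 bytes
GENERIC_HDR = struct.Struct("!BBH")        # RFC 2408 sec. 3.2 generic payload header
FLAG_ENCRYPTED = 0x01                      # payloads after the header are encrypted
MAX_PAYLOADS = 32        # assumed threshold, tune per deployment
MAX_PACKET_BYTES = 4096  # assumed threshold, tune per deployment

def inspect_isakmp(datagram, max_payloads=MAX_PAYLOADS, max_bytes=MAX_PACKET_BYTES):
    """Return a list of findings for one UDP/500 datagram body."""
    if len(datagram) < ISAKMP_HDR.size:
        return ["truncated-header"]
    _, _, next_payload, _, _, flags, _, declared = ISAKMP_HDR.unpack_from(datagram)
    findings = []
    if declared != len(datagram):
        findings.append("length-mismatch")
    if len(datagram) > max_bytes or declared > max_bytes:
        findings.append("oversized-packet")
    if flags & FLAG_ENCRYPTED:
        return findings  # chain is ciphertext and cannot be walked
    offset, count = ISAKMP_HDR.size, 0
    while next_payload != 0:  # 0 means "no further payload"
        if offset + GENERIC_HDR.size > len(datagram):
            findings.append("truncated-payload")
            break
        next_payload, _, plen = GENERIC_HDR.unpack_from(datagram, offset)
        if plen < GENERIC_HDR.size:  # would stall or loop a naive parser
            findings.append("bad-payload-length")
            break
        count += 1
        if count > max_payloads:
            findings.append("too-many-payloads")
            break
        offset += plen
    return findings

def build_sample(n_payloads, body=b"\x00" * 4):
    """Constructed test input: n chained Vendor ID (type 13) payloads."""
    payloads = b""
    for i in range(n_payloads):
        nxt = 13 if i < n_payloads - 1 else 0
        payloads += GENERIC_HDR.pack(nxt, 0, GENERIC_HDR.size + len(body)) + body
    first = 13 if n_payloads else 0
    total = ISAKMP_HDR.size + len(payloads)
    return ISAKMP_HDR.pack(b"\x11" * 8, b"\x00" * 8, first, 0x10, 2, 0, 0, total) + payloads
```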
Affected Products:
- Cisco VPN 3000 Concentrator 2.0.0
- Cisco VPN 3000 Concentrator 2.5.2(A)
- Cisco VPN 3000 Concentrator 2.5.2(B)
- Cisco VPN 3000 Concentrator 2.5.2(C)
- Cisco VPN 3000 Concentrator 2.5.2(D)
- Cisco VPN 3000 Concentrator 2.5.2(F)
- Cisco VPN 3000 Concentrator 3.0.0
- Cisco VPN 3000 Concentrator 3.0.3(A)
- Cisco VPN 3000 Concentrator 3.0.3(B)
- Cisco VPN 3000 Concentrator 3.0.4
- Cisco VPN 3000 Concentrator 3.1.0
- Cisco VPN 3000 Concentrator 3.1.0(Rel)
- Cisco VPN 3000 Concentrator 3.1.1
- Cisco VPN 3000 Concentrator 3.1.2
- Cisco VPN 3000 Concentrator 3.1.4
- Cisco VPN 3000 Concentrator 3.5.0(Rel)
- Cisco VPN 3000 Concentrator 3.5.1
- Cisco VPN 3000 Concentrator 3.5.2
- Cisco VPN 3000 Concentrator 3.5.3
- Cisco VPN 3000 Concentrator 3.5.4
- Cisco VPN 3002 Hardware Client 0.0.0