Signature Detail
Short Name |
IKE:DOS:CISCO-DOS |
|---|---|
Severity |
Critical |
Recommended |
No |
Category |
IKE |
Keywords |
ike cisco dos |
Release Date |
2004/02/02 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
IKE: Cisco DOS
This protocol anomaly is an IKE packet with an Identification payload that is 4 bytes long. Cisco VPN concentrators up to version 3.6.0 are vulnerable to specially formatted IKE packets. Attackers can send an Identification payload with a length of 4 bytes to cause the device to reload itself, causing a denial of service (DoS).
Extended Description
There are a number of circumstances where maliciously constructed Internet Security Association and Key Management Protocol (ISAKMP) packets may cause an affected Cisco VPN 3000 Concentrator device to reload. Denial of network/VPN service may be possible.
Affected Products
- Cisco VPN 3000 Concentrator 2.0.0
- Cisco VPN 3000 Concentrator 2.5.2 (A)
- Cisco VPN 3000 Concentrator 2.5.2 (B)
- Cisco VPN 3000 Concentrator 2.5.2 (C)
- Cisco VPN 3000 Concentrator 2.5.2 (D)
- Cisco VPN 3000 Concentrator 2.5.2 (F)
- Cisco VPN 3000 Concentrator 3.0.0
- Cisco VPN 3000 Concentrator 3.0.3 (A)
- Cisco VPN 3000 Concentrator 3.0.3 (B)
- Cisco VPN 3000 Concentrator 3.0.4
- Cisco VPN 3000 Concentrator 3.1.0
- Cisco VPN 3000 Concentrator 3.1.0 (Rel)
- Cisco VPN 3000 Concentrator 3.1.1
- Cisco VPN 3000 Concentrator 3.1.2
- Cisco VPN 3000 Concentrator 3.1.4
- Cisco VPN 3000 Concentrator 3.5.0 (Rel)
- Cisco VPN 3000 Concentrator 3.5.1
- Cisco VPN 3000 Concentrator 3.5.2
- Cisco VPN 3000 Concentrator 3.5.3
- Cisco VPN 3000 Concentrator 3.5.4
- Cisco VPN 3002 Hardware Client
References