Cisco Warns of Flaws in VPN 3000 Series
Cisco released a bulletin detailing more than a dozen security vulnerabilities in its popular 3000 series of VPN concentrators.Cisco Systems Inc. on Tuesday released a bulletin detailing more than a dozen security vulnerabilities in its popular 3000 series of VPN concentrators. The effects of the vulnerabilities range from denials of service to password disclosure to illicit network access. All of the 3000 series concentrators and the Cisco VPN 3002 Hardware Client are affected by the flaws. The most serious problem enables some restricted-access administrative users to see the administrative password by viewing the source code of HTML pages containing the password. A separate vulnerability enables administrators to see the unencrypted certificate password for the concentrator by viewing the HTML source code.
There is also a flaw that effectively allows any protocol traffic to access any port on the concentrator. When an administrator enables the XML filter configuration, the concentrator automatically adds a rule to the public filter that requires HTTPS for public inbound traffic. The rule mistakenly sets the protocol value to "any" and the value for the destination port to 443.