Cisco Security Advisory: Cisco VPN 3000 Concentrator Vulnerable to Crafted HTTP Attack
Click here to download now
Overview: The Cisco VPN 3000 series concentrators are a family of purpose built, remote access Virtual Private Network (VPN) platforms for data encryption and authentication. HTTP to the VPN3000 could be blocked as part of an Infrastructure ACL on screening routers, switches and firewalls controlling all access to the trusted network. Infrastructure ACLs are considered a network security best practice and should be considered as a long term addition to good network security, as well as a work around for this specific vulnerability.