First published: Tue Dec 31 2002(Updated: )
Cisco PIX Firewall 6.0.3 and earlier, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Pix Firewall Software | =6.0\(1\) | |
Cisco Pix Firewall Software | =6.0\(2\) | |
Cisco Pix Firewall Software | =6.0 | |
Cisco Pix Firewall Software | =6.0\(3\) | |
Cisco Pix Firewall Software | =6.1 | |
Cisco Pix Firewall Software | =6.1\(2\) | |
Cisco Pix Firewall Software | =6.1\(3\) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.