Details of VAR-200506-0141

ID

VAR-200506-0141

CVE

CVE-2005-2025

TITLE

Cisco IOS and Cisco PIX Firewall In VPN Vulnerability to get group name

Trust: 0.8

sources: JVNDB: JVNDB-2006-000211

DESCRIPTION

Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname. Cisco IOS and Cisco PIX Firewall In IKE Valid group names in aggressive mode messages / There are vulnerabilities whose responses differ depending on the invalidity. In addition, there is a vulnerability that can analyze the hash value from the response when requesting a valid group name.A valid group name and password hash may be obtained. Cisco VPN Concentrator is affected by a remote groupname enumeration weakness. This issue is due to a design error that could assist a remote attacker in enumerating groupnames. Reportedly, once the attacker has verified a groupname they can obtain a password hash from an affected device and carry out bruteforce attacks against the password hash. A valid groupname and password pair can allow the attacker to complete IKE Phase-1 authentication and carry out man-in-the-middle attacks against other users. This may ultimately allow the attacker to gain unauthorized access to the network. All Cisco VPN Concentrator 3000 series products running groupname authentication are considered vulnerable to this issue. This issue is tracked by the following Cisco BUG IDs: CSCeg00323, CSCsb38075, and CSCsf25725 - for the Cisco VPN 3000 Series Concentrators CSCei29901 - for the Cisco PIX 500 Series Security Appliances running code version 7.x CSCei51783 - for the Cisco ASA 5500 Series Adaptive Security Appliances running code version 7.x CSCsb26495 and CSCsb33172 - for Cisco IOSÂ® software. Cisco VPN series hubs consist of a general-purpose remote access virtual private network (VPN) platform and client software that combines high availability, performance, and scalability with today's most advanced encryption and authentication technologies, providing professional operators with or enterprise users to provide services. A remote group name enumeration vulnerability exists in Cisco VPN hubs that could allow an attacker to use a dictionary program to determine valid group names on the hub

Trust: 1.98

sources: NVD: CVE-2005-2025 // JVNDB: JVNDB-2006-000211 // BID: 13992 // VULHUB: VHN-13234

AFFECTED PRODUCTS

vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30002.5.2	Trust: 1.5
vendor:	cisco	model:	ios	scope:	eq	version:	12.4	Trust: 1.1
vendor:	cisco	model:	ios	scope:	eq	version:	12.3	Trust: 1.1
vendor:	cisco	model:	ios	scope:	eq	version:	12.2	Trust: 1.1
vendor:	cisco	model:	ios	scope:	eq	version:	12.1	Trust: 1.1
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.0	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.a	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0.3.b	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.5	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0.4	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.1	Trust: 1.0
vendor:	cisco	model:	vpn 3005 concentrator software	scope:	eq	version:	4.0.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0.3.a	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.c	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1.4	Trust: 1.0
vendor:	cisco	model:	vpn 3015 concentrator	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7d	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.f	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.1.7.a	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7.a	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5.4	Trust: 1.0
vendor:	cisco	model:	vpn 3060 concentrator	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1\(rel\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5.2	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7.b	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7.d	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.0.1	Trust: 1.0
vendor:	cisco	model:	vpn 3080 concentrator	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.0	Trust: 1.0
vendor:	cisco	model:	vpn 3020 concentrator	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.3	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.b	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7.f	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.0	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	2.5.2.d	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.1.2	Trust: 1.0
vendor:	cisco	model:	vpn 3030 concentator	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5\(rel\)	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.1.5.b	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.1.7.b	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.7.c	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5.3	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.6.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5.1	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	3.5.5	Trust: 1.0
vendor:	cisco	model:	vpn 3000 concentrator series software	scope:	eq	version:	4.0.5.b	Trust: 1.0
vendor:	cisco	model:	ios	scope:	eq	version:	12.0	Trust: 0.8
vendor:	cisco	model:	pix/asa	scope:	eq	version:	7.0	Trust: 0.8
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.1	Trust: 0.6
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.0.3	Trust: 0.6
vendor:	cisco	model:	ios 12.4 t	scope:	ne	version:	-	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	2.5.2.a	Trust: 0.6
vendor:	cisco	model:	vpn 3060 concentrator	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	2.5.2.c	Trust: 0.6
vendor:	cisco	model:	vpn 3020 concentrator	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	vpn 3030 concentator	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	2.5.2.b	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	vpn 3000 concentrator	scope:	eq	version:	2.0	Trust: 0.6
vendor:	cisco	model:	vpn 3080 concentrator	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	vpn 3015 concentrator	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	3080	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	3060	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	3030	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	3020	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	3015	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30054.0.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30054.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	eq	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator d	scope:	eq	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator c	scope:	eq	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator b	scope:	eq	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator a	scope:	eq	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30053.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30053.6.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30053.6.3	Trust: 0.3
vendor:	cisco	model:	vpn concentrator .b	scope:	eq	version:	30004.1.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30004.1.x	Trust: 0.3
vendor:	cisco	model:	vpn concentrator .b	scope:	eq	version:	30004.0.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30004.0.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30004.0.x	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30004.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator d	scope:	eq	version:	30003.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.6.7	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.6.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.6	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5.3	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.5	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.1.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.1.2	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.1.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.0.4	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30003.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	eq	version:	30002.0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator 4.1.7.b	scope:	eq	version:	3000	Trust: 0.3
vendor:	cisco	model:	vpn concentrator 4.1.7.a	scope:	eq	version:	3000	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5350	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5256.3	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	525	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	520	Trust: 0.3
vendor:	cisco	model:	pix firewall 515e	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	515	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5060	Trust: 0.3
vendor:	cisco	model:	pix firewall	scope:	eq	version:	5010	Trust: 0.3
vendor:	cisco	model:	pix series security appliance	scope:	eq	version:	5007.0	Trust: 0.3
vendor:	cisco	model:	ios 12.4xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ys	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ym	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xx	Trust: 0.3
vendor:	cisco	model:	ios 12.3xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xs	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3tpc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3bc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ze	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2za	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ym	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ye	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.2xv	Trust: 0.3
vendor:	cisco	model:	ios 12.2xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xs	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sxa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2sw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2su	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2s	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2dd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2cz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2cy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2cx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2by	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ye	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1yb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1gb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ga	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ey	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ew	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ec	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1eb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ea	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1e	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1az	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ay	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1ax	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.0xv	Trust: 0.3
vendor:	cisco	model:	ios 12.0xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.0t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	7.0(2)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	7.0(0)	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	7.0	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	ne	version:	30804.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30804.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	ne	version:	30604.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30604.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	ne	version:	30304.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30304.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	ne	version:	30204.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30204.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	ne	version:	30154.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30154.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	ne	version:	30054.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator	scope:	ne	version:	30054.7.1	Trust: 0.3
vendor:	cisco	model:	vpn concentrator f	scope:	ne	version:	30004.7.1	Trust: 0.3
vendor:	cisco	model:	pix series security appliance	scope:	ne	version:	5007.0(4)	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	12.4(5)	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	12.3(16)	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	12.2(33)	Trust: 0.3
vendor:	cisco	model:	ios 12.2 ey	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	12.1(27)	Trust: 0.3
vendor:	cisco	model:	ios 12.1 e6	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.1 ea8	scope:	ne	version:	-	Trust: 0.3

sources: BID: 13992 // JVNDB: JVNDB-2006-000211 // CNNVD: CNNVD-200506-188 // NVD: CVE-2005-2025

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-2025
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2005-2025
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-200506-188
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-13234
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-2025
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-13234
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-13234 // JVNDB: JVNDB-2006-000211 // CNNVD: CNNVD-200506-188 // NVD: CVE-2005-2025

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-2025

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200506-188

TYPE

Design Error

Trust: 0.9

sources: BID: 13992 // CNNVD: CNNVD-200506-188

CONFIGURATIONS

sources: JVNDB: JVNDB-2006-000211

PATCH

title:	cisco-sn-20050624-vpn-grpname	url:	http://www.cisco.com/warp/public/707/cisco-sn-20050624-vpn-grpname.shtml	Trust: 0.8
title:	cisco-sn-20050624-vpn-grpname	url:	http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sn-20050624-vpn-grpname-j.shtml	Trust: 0.8

sources: JVNDB: JVNDB-2006-000211

EXTERNAL IDS

db:	BID	id:	13992	Trust: 2.8
db:	NVD	id:	CVE-2005-2025	Trust: 2.8
db:	VUPEN	id:	ADV-2005-0822	Trust: 1.7
db:	JVNDB	id:	JVNDB-2006-000211	Trust: 0.8
db:	CNNVD	id:	CNNVD-200506-188	Trust: 0.7
db:	VULHUB	id:	VHN-13234	Trust: 0.1

sources: VULHUB: VHN-13234 // BID: 13992 // JVNDB: JVNDB-2006-000211 // CNNVD: CNNVD-200506-188 // NVD: CVE-2005-2025

REFERENCES

url:	http://www.securityfocus.com/bid/13992	Trust: 2.5
url:	http://www.nta-monitor.com/news/vpn-flaws/cisco/vpn-concentrator/index.htm	Trust: 2.0
url:	http://www.frsirt.com/english/advisories/2005/0822	Trust: 1.4
url:	http://www.vupen.com/english/advisories/2005/0822	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-2025	Trust: 0.8
url:	http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-2025	Trust: 0.8
url:	http://www.cisco.com/warp/public/707/cisco-sa-20050624-vpn-grpname.shtml	Trust: 0.3
url:	http://www.cisco.com/univercd/cc/td/doc/product/vpn/vpn3000/4_7/471con3k.htm#wp560292	Trust: 0.3

sources: VULHUB: VHN-13234 // BID: 13992 // JVNDB: JVNDB-2006-000211 // CNNVD: CNNVD-200506-188 // NVD: CVE-2005-2025

CREDITS

Roy Hills Roy.Hills@nta-monitor.com

Trust: 0.6

sources: CNNVD: CNNVD-200506-188

SOURCES

db:	VULHUB	id:	VHN-13234
db:	BID	id:	13992
db:	JVNDB	id:	JVNDB-2006-000211
db:	CNNVD	id:	CNNVD-200506-188
db:	NVD	id:	CVE-2005-2025

LAST UPDATE DATE

2024-08-14T15:25:40.569000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-13234	date:	2018-10-30T00:00:00
db:	BID	id:	13992	date:	2015-03-19T08:35:00
db:	JVNDB	id:	JVNDB-2006-000211	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200506-188	date:	2006-09-22T00:00:00
db:	NVD	id:	CVE-2005-2025	date:	2018-10-30T16:26:19.357

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-13234	date:	2005-06-20T00:00:00
db:	BID	id:	13992	date:	2005-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2006-000211	date:	2007-04-01T00:00:00
db:	CNNVD	id:	CNNVD-200506-188	date:	2005-06-20T00:00:00
db:	NVD	id:	CVE-2005-2025	date:	2005-06-20T04:00:00