Cisco VPN 3000 Concentrator Groupname Enumeration Vulnerability
CVE-2005-2025 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname.
Learn more about our Web Application Penetration Testing UK.