Cisco PIX Firewall 6.0.3 and previous versions, and 6.1.x to 6.1.3, do not delete the duplicate ISAKMP SAs for a user's VPN session, which allows local users to hijack a session via a man-in-the-middle attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco pix firewall software 6.1 |
||
cisco pix firewall software 6.1\\(2\\) |
||
cisco pix firewall software 6.1\\(3\\) |
||
cisco pix firewall software 6.0 |
||
cisco pix firewall software 6.0\\(2\\) |
||
cisco pix firewall software 6.0\\(1\\) |
||
cisco pix firewall software 6.0\\(3\\) |