CVSS: 5.0EPSS: 0%CPEs: 44EXPL: 1CVE-2005-2025
https://notcve.org/view.php?id=CVE-2005-2025
Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname. • http://www.nta-monitor.com/news/vpn-flaws/cisco/VPN-Concentrator/index.htm http://www.securityfocus.com/bid/13992 http://www.vupen.com/english/advisories/2005/0822 •
CVSS: 5.0EPSS: 0%CPEs: 45EXPL: 0CVE-2005-0943
https://notcve.org/view.php?id=CVE-2005-0943
Cisco VPN 3000 series Concentrator running firmware 4.1.7.A and earlier allows remote attackers to cause a denial of service (device reload or drop user connection) via a crafted HTTPS packet. • http://secunia.com/advisories/14784 http://www.cisco.com/warp/public/707/cisco-sa-20050330-vpn3k.shtml http://www.securityfocus.com/bid/12948 https://exchange.xforce.ibmcloud.com/vulnerabilities/19903 •