VPN Client version 5.0.0.7.0290 security flaw
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-14-2011 12:00 PM
All,
I wanted to share a recent find. With Windows 7, probably other OS versions are also applicable, if a user launches a valid VPN connection it stays an open connect when opting to 'switch users.' We confirmed this while setting up a new PC and no pre-established profiles on the computer excluding the local initial PC profile. If VPN is open to a local PC profile the IP connection does not disconnect and bleeds into new connections.
M
- Labels:
-
VPN
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2011 02:59 AM
Hi,
Thank you for bringing this to our attention. For any (suspected) security vulnerability in a Cisco product, please report it to the Cisco Product Security Incident Response Team (PSIRT) at psirt@cisco.com :
http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html#roosfassv
regards
Herbert
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-11-2011 12:59 PM
This vulnerability is being tracked by CSCtn20472. The PSIRT team is tracking it with case number
PSIRT-0847721465. The developers are reviewing it and determining the fix, I will update you directly when it is resolved.
Thanks very much for letting us know. If you encounter vulnerabilities in the future, please send them directly to psirt@cisco.com. Thanks
-Wendy
