Results 1 to 2 of 2

Thread: Cisco ASA issue

  1. #1
    Junior Member
    Join Date
    Mar 2006
    Posts
    15

    Cisco ASA issue

    Hi All,

    We are using Cisco webvpn for remote access. While doing a security test, it was revealed:

    - with webvpn enabled on any port other then the default (443) the webvpn http server responds to the url http://<webvpn_address>:<port#>/<anything.exe>
    - you can change <anything.exe> to any text you wish, as long as it ends in .exe the asa sends the client a 0 byte .exe file

    Has anyone came across such issue and how can it lead to security attack.

    Thanks in advance.

  2. #2
    Junior Member
    Join Date
    Mar 2006
    Posts
    15
    Still no replies?

Similar Threads

  1. Cisco Security Advisory: Cisco Telnet Denial of Service Vulnerability
    By Spyder32 in forum Miscellaneous Security Discussions
    Replies: 1
    Last Post: May 27th, 2008, 01:17 PM
  2. Port List
    By ThePreacher in forum Miscellaneous Security Discussions
    Replies: 17
    Last Post: December 14th, 2006, 09:37 PM
  3. Cisco ACNS software users!
    By phishphreek in forum Network Security Discussions
    Replies: 0
    Last Post: December 10th, 2003, 08:00 PM
  4. Heads up for the Cisco PIX people
    By Ratman2 in forum Firewall & Honeypot Discussions
    Replies: 0
    Last Post: November 22nd, 2002, 03:17 PM
  5. how to hack cisco a router... wow
    By NUKEM6 in forum Non-Security Archives
    Replies: 1
    Last Post: February 3rd, 2002, 11:28 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •