Penetration Testing mailing list archives
Cisco VPN Concentrator GUI
From: kaps lock <kapsloc1978 () yahoo com>
Date: Sun, 15 May 2005 20:09:02 -0700 (PDT)
hi all, i am pen-testing one of our clients and am seeing their web interface to the vpn concentrator (cisco) available publicly on the internet with the username /password page. How could i explain somebody tht it can be exploited...am sure this is not a good idea to hav ur vpn concnetrator interface on the public internet..but i cant find any vulenrabilites on the net ....to explain to the person....only thing i can think of is brute forcing the username pasword field...which is again a challenge for web vpn..any ideas?? thanks __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Current thread:
- Cisco VPN Concentrator GUI kaps lock (May 16)
- Re: Cisco VPN Concentrator GUI Stephen Hassard (May 16)
- Re: Cisco VPN Concentrator GUI Atte Peltomaki (May 17)
- Re: Cisco VPN Concentrator GUI Erik Kamerling (May 17)
- <Possible follow-ups>
- RE: Cisco VPN Concentrator GUI Todd Towles (May 16)
- RE: Cisco VPN Concentrator GUI James Williams (May 16)
- RE: Cisco VPN Concentrator GUI Johnson, Joey (May 17)
- RE: Cisco VPN Concentrator GUI kaps lock (May 18)
- Exchange mail server settings - easy dump possible? Petr . Kazil (May 23)
- RE: Exchange mail server settings - easy dump possible? Robert Strom (May 24)
- Exchange mail server settings - easy dump possible? Petr . Kazil (May 23)