CVE-2002-1108 Information

Description

Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.6(Rel) when configured with all tunnel mode can be forced into acknowledging a TCP packet from outside the tunnel.

Reference

http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml http://www.securityfocus.com/bid/5651 https://exchange.xforce.ibmcloud.com/vulnerabilities/10047