CVE-2002-1108

Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.6(Rel), when configured with all tunnel mode, can be forced into acknowledging a TCP packet from outside the tunnel.

Date published : 2004-09-01

http://www.securityfocus.com/bid/5651

http://www.cisco.com/warp/public/707/vpnclient-multiple2-vuln-pub.shtml