From: kaps lock (kapsloc1978@yahoo.com)
Date: Sun May 15 2005 - 23:09:02 EDT
hi all,
i am pen-testing one of our clients and am seeing
their web interface to the vpn concentrator (cisco)
available publicly on the internet with the username
/password page.
How could i explain somebody tht it can be
exploited...am sure this is not a good idea to hav ur
vpn concnetrator interface on the public internet..but
i cant find any vulenrabilites on the net ....to
explain to the person....only thing i can think of is
brute forcing the username pasword field...which is
again a challenge for web vpn..any ideas??
thanks
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:21 EDT