The Cisco VPN 3000 series concentrators are affected by two vulnerabilities when file management via File Transfer Protocol (FTP) is enabled that could allow authenticated or unauthenticated attackers to execute certain FTP commands and delete files on the concentrator. None of the vulnerabilities allows unauthorized users to transfer files from or to the concentrator. Cisco has made free software available to address these vulnerabilities for affected customers. There are workarounds available to mitigate these vulnerabilities as well. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20060823-vpn3k .