• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cisco VPN Concentrator Groupname Enumeration Weakness

Cisco VPN Concentrator is affected by a remote groupname enumeration weakness. This issue is due to a design error that could assist a remote attacker in enumerating groupnames.

Reportedly, once the attacker has verified a groupname they can obtain a password hash from an affected device and carry out bruteforce attacks against the password hash.

A valid groupname and password pair can allow the attacker to complete IKE Phase-1 authentication and carry out man-in-the-middle attacks against other users. This may ultimately allow the attacker to gain unauthorized access to the network.

All Cisco VPN Concentrator 3000 series products running groupname authentication are considered vulnerable to this issue.