IKE Aggressive Mode Shared Secret Hash Leakage Weakness

Bugtraq ID: 7423
Class: Design Error
CVE:
Remote: Yes
Local: No
Published: Oct 02 1999 12:00AM
Updated: Oct 02 1999 12:00AM
Credit: Attack first published by John Pliam <pliam@ima.umn.edu>.
Vulnerable: IETF RFC 2409: The Internet Key Exchange (IKE)
+ Check Point Software Firewall-1 [ VPN + DES + STRONG ] 4.1 SP2 Build 41716
+ Check Point Software Firewall-1 [ VPN + DES + STRONG ] 4.1 Build 41439
+ Check Point Software Firewall-1 [ VPN + DES ] 4.1
+ Check Point Software VPN-1 4.1 SP4
+ Check Point Software VPN-1 4.1 SP3
+ Check Point Software VPN-1 4.1 SP2
+ Check Point Software VPN-1 4.1 SP1
+ Check Point Software VPN-1 4.1
+ Cisco VPN 3000 Concentrator 3.6.1
+ Cisco VPN 3000 Concentrator 3.6
+ Cisco VPN 3000 Concentrator 3.5.5
+ Cisco VPN 3000 Concentrator 3.5.4
+ Cisco VPN 3000 Concentrator 3.5.3
+ Cisco VPN 3000 Concentrator 3.5.2
+ Cisco VPN 3000 Concentrator 3.5.1
+ Cisco VPN 3000 Concentrator 3.5 (Rel)
+ Cisco VPN 3000 Concentrator 3.1.4
+ Cisco VPN 3000 Concentrator 3.1.2
+ Cisco VPN 3000 Concentrator 3.1.1
+ Cisco VPN 3000 Concentrator 3.1 (Rel)
+ Cisco VPN 3000 Concentrator 3.1
+ Cisco VPN 3000 Concentrator 3.0.4
+ Cisco VPN 3000 Concentrator 3.0.3 (B)
+ Cisco VPN 3000 Concentrator 3.0.3 (A)
+ Cisco VPN 3000 Concentrator 3.0
+ Cisco VPN 3000 Concentrator 3.0
+ Cisco VPN 3000 Concentrator 2.5.2 (F)
+ Cisco VPN 3000 Concentrator 2.5.2 (D)
+ Cisco VPN 3000 Concentrator 2.5.2 (C)
+ Cisco VPN 3000 Concentrator 2.5.2 (B)
+ Cisco VPN 3000 Concentrator 2.5.2 (A)
+ Cisco VPN 3000 Concentrator 2.0
+ Cisco VPN 3002 Hardware Client
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus