Cisco PIX VPN Session Hijacking Vulnerability

PIX is the firewall system/firmware combination distributed and maintained by Cisco Systems.

A vulnerability has been discovered in the handling of VPN sessions by PIX firewalls. Due to insecure handling of sessions through the Internet Security Authentication Key Management Protocol (ISAKMP) Security Associations (SAs) implemented by PIX firewalls, it is possible for a user to hijack the session of another. This could result in users gaining unintended access to private networks.

The attacker must already have access to the peer authentication key to initiate this type of attack.


 

Privacy Statement
Copyright 2010, SecurityFocus