Lucene search

[email protected]CVE-2002-1623

HistoryDec 31, 2002 - 5:00 a.m.

CVE-2002-1623

2002-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

310

internet key exchange

ike protocol

aggressive mode

shared secret authentication

encryption

remote attackers

usernames

sniffing

nvd

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

73.6%

JSON

The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote.

CPENameOperatorVersion
checkpoint:vpn-1_firewall-1checkpoint vpn-1 firewall-1eq4.0
checkpoint:vpn-1_firewall-1checkpoint vpn-1 firewall-1eq4.1

CPE	Name	Operator	Version
checkpoint:vpn-1_firewall-1	checkpoint vpn-1 firewall-1	eq	4.0
checkpoint:vpn-1_firewall-1	checkpoint vpn-1 firewall-1	eq	4.1

References

lists.grok.org.uk/pipermail/full-disclosure/2002-September/001223.html

marc.info/?l=bugtraq&m=103124812629621&w=2

marc.info/?l=bugtraq&m=103176164729351&w=2

www.checkpoint.com/techsupport/alerts/ike.html

www.kb.cert.org/vuls/id/886601

www.nta-monitor.com/news/checkpoint.htm

www.securiteam.com/securitynews/5TP040U8AW.html

www.securityfocus.com/archive/1/290202

www.securityfocus.com/bid/5607

exchange.xforce.ibmcloud.com/vulnerabilities/10034

7.1 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

73.6%

JSON

Related for CVE-2002-1623

nessus1