Sygate Secure Enterprise Protocol Session Replay DoS

2004-08-10T08:43:44
ID OSVDB:8524
Type osvdb
Reporter Martin O'Neal(martin.oneal@corsaire.com)
Modified 2004-08-10T08:43:44

Description

Vulnerability Description

Sygate Secure Enterprise contains a flaw that may allow a remote denial of service. The issue is triggered by a lack of replay protection in fields and the use of static encryption keys for communication, which makes replay attacks possible. A remote attacker can use this to continually replay sessions between the SSA and the Secure Enterprise Server, resulting in loss of availability for the Server.

Solution Description

Upgrade to version 3.5MR3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.sygate.com/products/enterprise_policy_management.htm
Vendor URL: http://www.sygate.com
Secunia Advisory ID: 12263
Related OSVDB ID: 8525
Related OSVDB ID: 8523
Other Advisory URL: http://www.corsaire.com/advisories/c031120-002.txt
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-08/0140.html
CVE-2004-0163