230 matches found
Authentication flaw
The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key PSK authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames...
CVE-2007-4422
The login interface in Symantec Enterprise Firewall 6.x, when a VPN with pre-shared key PSK authentication is enabled, generates different responses depending on whether or not a username is valid, which allows remote attackers to enumerate valid usernames...
Intel® PROSet/Wireless Software Local Information Disclosure
Intel® PROSet/Wireless Software Local Information Disclosure Summary: A security vulnerability exists in the Intel® PROSet/Wireless Software PROSet application because of insecure usage of shared memory allowing a person having access to the user's computer or malicious software installed on the...
CVE-2005-4696
The Microsoft Wireless Zero Configuration system WZCS stores WEP keys and pair-wise Master Keys PMK of the WPA pre-shared key in plaintext in memory of the explorer process, which allows attackers with access to process memory to steal the keys and access the network...
CVE-2005-4697
The Microsoft Wireless Zero Configuration system WZCS allows local users to access WEP keys and pair-wise Master Keys PMK of the WPA pre-shared key via certain calls to the WZCQueryInterface API function in wzcsapi.dll...
CVE-2005-2640
Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but...
CVE-2005-2640
Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but...
[Full-disclosure] Juniper Netscreen VPN Username Enumeration Vulnerability
Juniper Netscreen VPN Username Enumeration Vulnerability 1. Overview NTA Monitor has discovered a VPN username enumeration vulnerability in the Juniper Netscreen integrated Firewall/VPN products while performing a VPN security test for a customer. The vulnerability affects remote access VPNs know...
Juniper NetScreen 5.0 - VPN 'Username' Enumeration
source: https://www.securityfocus.com/bid/14595/info The Juniper Netscreen VPN implementation will identify valid usernames in IKE aggressive mode, when pre-shared key authentication is used. This allows for attackers to obtain a list of valid VPN users. With a valid username, an attacker can...
Juniper NetScreen 5.0 - VPN Username Enumeration
Juniper NetScreen 5.0 - VPN Username Enumeration source: https://www.securityfocus.com/bid/14595/info The Juniper Netscreen VPN implementation will identify valid usernames in IKE aggressive mode, when pre-shared key authentication is used. This allows for attackers to obtain a list of valid VPN...