IKE Aggressive Mode Shared Secret Hash Leakage Weakness

ID SSV:76331
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00


No description provided by source.

                                                source: http://www.securityfocus.com/bid/7423/info

When a VPN is configured to use a pre-shared master secret and a client attempts to negotiate keys in aggressive mode, a hash of the secret is transmitted across the network in clear-text. This may result in the hash being leaked to eavesdroppers or malicious clients. An offline brute-force attack on this hash may then be performed to obtain the clear-text secret.