CVE-2002-1623

The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:checkpoint:vpn-1_firewall-1:4.0:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:vpn-1_firewall-1:4.1:*:*:*:*:*:*:*

History

20 Nov 2024, 23:41

Type Values Removed Values Added
References () http://lists.grok.org.uk/pipermail/full-disclosure/2002-September/001223.html - () http://lists.grok.org.uk/pipermail/full-disclosure/2002-September/001223.html -
References () http://marc.info/?l=bugtraq&m=103124812629621&w=2 - () http://marc.info/?l=bugtraq&m=103124812629621&w=2 -
References () http://marc.info/?l=bugtraq&m=103176164729351&w=2 - () http://marc.info/?l=bugtraq&m=103176164729351&w=2 -
References () http://www.checkpoint.com/techsupport/alerts/ike.html - () http://www.checkpoint.com/techsupport/alerts/ike.html -
References () http://www.kb.cert.org/vuls/id/886601 - US Government Resource () http://www.kb.cert.org/vuls/id/886601 - US Government Resource
References () http://www.nta-monitor.com/news/checkpoint.htm - () http://www.nta-monitor.com/news/checkpoint.htm -
References () http://www.securiteam.com/securitynews/5TP040U8AW.html - Exploit () http://www.securiteam.com/securitynews/5TP040U8AW.html - Exploit
References () http://www.securityfocus.com/archive/1/290202 - Exploit () http://www.securityfocus.com/archive/1/290202 - Exploit
References () http://www.securityfocus.com/bid/5607 - () http://www.securityfocus.com/bid/5607 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/10034 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/10034 -

Information

Published : 2002-12-31 05:00

Updated : 2024-11-20 23:41


NVD link : CVE-2002-1623

Mitre link : CVE-2002-1623

CVE.ORG link : CVE-2002-1623


JSON object : View

Products Affected

checkpoint

  • vpn-1_firewall-1