CVE-2002-1623

The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:checkpoint:vpn-1_firewall-1:4.0:*:*:*:*:*:*:*
cpe:2.3:a:checkpoint:vpn-1_firewall-1:4.1:*:*:*:*:*:*:*

History

No history.

Information

Published : 2002-12-31 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2002-1623

Mitre link : CVE-2002-1623

CVE.ORG link : CVE-2002-1623


JSON object : View

Products Affected

checkpoint

  • vpn-1_firewall-1