Weak Key Management in Linksys VPN Router
CVE-2002-0426

Currently unrated

Key Information:

Vendor: Linksys
Status: Befvp41
Vendor: CVE Published:; 12 August 2002

What is CVE-2002-0426?

The VPN Server module in the Linksys EtherFast BEFVP41 Cable/DSL VPN Router prior to version 1.40.1 exhibits a vulnerability where it reduces the key lengths for keys entered manually. This flaw simplifies the process for potential attackers, enabling them to more easily crack the provided keys, which compromises the overall security of the VPN connections made through the affected devices.

References

ftp://ftp.linksys.com/pub/befsr41/befvp41-1402.zip

x_refsource_MISC

http://online.securityfocus.com/archive/1/260613

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/4250

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 12, 2002
Vulnerability Reserved
Jun 7, 2002