IKE Protocol Vulnerability in Check Point FireWall-1
CVE-2002-1623

Currently unrated

Key Information:

Vendor: Checkpoint
Status: Vpn-1 Firewall-1
Vendor: CVE Published:; 31 December 2002

Summary

The Internet Key Exchange (IKE) protocol, when configured to use Aggressive Mode for shared secret authentication, has a significant design flaw. It fails to encrypt the identities of both initiator and responder during the negotiation process. This oversight can enable remote attackers to ascertain valid usernames. Attackers can exploit this by either monitoring responses prior to the password input or by intercepting traffic through sniffing techniques. As a result, users may be vulnerable to unauthorized access due to this security lapse in the authentication mechanism, particularly in Check Point's FireWall-1 SecuRemote.

References

http://lists.grok.org.uk/pipermail/full-disclosure/2002-S...

mailing-listx_refsource_FULLDISC

http://marc.info/?l=bugtraq&m=103176164729351&w=2

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/5607

vdb-entryx_refsource_BID

EPSS Score

78% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Mar 26, 2005
Vulnerability published
Dec 31, 2002