ID

VAR-200212-0529


CVE

CVE-2002-1623


TITLE

Internet Key Exchange (IKE) protocol discloses identity when Aggressive Mode shared secret authentication is used

Trust: 0.8

sources: CERT/CC: VU#886601

DESCRIPTION

The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote. VPN-1 FireWall-1 is prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause denial-of-service conditions.

Trust: 1.98

sources: NVD: CVE-2002-1623 // CERT/CC: VU#886601 // BID: 89555 // VULHUB: VHN-6008

AFFECTED PRODUCTS

vendor: checkpoint | model: vpn-1 firewall-1 | scope: eq | version: 4.0

Trust: 1.9

vendor: checkpoint | model: vpn-1 firewall-1 | scope: eq | version: 4.1

Trust: 1.6

vendor: apple computer | model: - | scope: - | version: -

Trust: 0.8

vendor: check point | model: - | scope: - | version: -

Trust: 0.8

vendor: kame | model: - | scope: - | version: -

Trust: 0.8

vendor: netbsd | model: - | scope: - | version: -

Trust: 0.8

sources: CERT/CC: VU#886601 // BID: 89555 // CNNVD: CNNVD-200212-593 // NVD: CVE-2002-1623

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2002-1623
value: MEDIUM

Trust: 1.0

CARNEGIE MELLON: VU#886601
value: 0.65

Trust: 0.8

CNNVD: CNNVD-200212-593
value: MEDIUM

Trust: 0.6

VULHUB: VHN-6008
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2002-1623
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-6008
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#886601 // VULHUB: VHN-6008 // CNNVD: CNNVD-200212-593 // NVD: CVE-2002-1623

PROBLEMTYPE DATA

problemtype: NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2002-1623

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200212-593

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200212-593

EXTERNAL IDS

db: CERT/CC | id: VU#886601

Trust: 2.8

db: BID | id: 5607

Trust: 2.0

db: NVD | id: CVE-2002-1623

Trust: 2.0

db: XF | id: 10034

Trust: 0.9

db: CNNVD | id: CNNVD-200212-593

Trust: 0.7

db: XF | id: 1

Trust: 0.6

db: BUGTRAQ | id: 20020905 RE: SECUREMOTE USERNAMES CAN BE GUESSED OR SNIFFED USING IKE EXCHANGE

Trust: 0.6

db: BUGTRAQ | id: 20020903 SECUREMOTE USERNAMES CAN BE GUESSED OR SNIFFED USING IKE EXCHANGE

Trust: 0.6

db: BUGTRAQ | id: 20020911 RE: SECUREMOTE USERNAMES CAN BE GUESSED OR SNIFFED USING IKE

Trust: 0.6

db: FULLDISC | id: 20020903 CHECK POINT STATEMENT ON USE OF IKE AGGRESSIVE MODE

Trust: 0.6

db: BID | id: 89555

Trust: 0.4

db: VULHUB | id: VHN-6008

Trust: 0.1

sources: CERT/CC: VU#886601 // VULHUB: VHN-6008 // BID: 89555 // CNNVD: CNNVD-200212-593 // NVD: CVE-2002-1623

REFERENCES

url:http://www.checkpoint.com/techsupport/alerts/ike.html

Trust: 3.8

url:http://www.nta-monitor.com/news/checkpoint.htm

Trust: 3.8

url:http://www.securiteam.com/securitynews/5tp040u8aw.html

Trust: 3.8

url:http://www.securityfocus.com/bid/5607

Trust: 3.0

url:http://www.securityfocus.com/archive/1/290202

Trust: 3.0

url:http://www.kb.cert.org/vuls/id/886601

Trust: 3.0

url:http://lists.grok.org.uk/pipermail/full-disclosure/2002-september/001223.html

Trust: 3.0

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/10034

Trust: 2.1

url:http://marc.info/?l=bugtraq&m=103124812629621&w=2

Trust: 2.0

url:http://marc.info/?l=bugtraq&m=103176164729351&w=2

Trust: 2.0

url:http://marc.theaimsgroup.com/?l=bugtraq&m=103124812629621&w=2

Trust: 1.5

url:http://marc.theaimsgroup.com/?l=bugtraq&m=103176164729351&w=2

Trust: 1.5

url:http://xforce.iss.net/xforce/xfdb/10034

Trust: 0.9

url:http://www.ietf.org/rfc/rfc2409.txt

Trust: 0.8

url:http://www.dsinet.org/?id=2873

Trust: 0.8

url:http://www.netsys.com/cgi-bin/displaynews?a=382

Trust: 0.8

url:http://online.securityfocus.com/news/603

Trust: 0.8

url:http://online.securityfocus.com/archive/1/290202/2002-09-01/2002-09-07/0

Trust: 0.8

url:http://packetstorm.linuxsecurity.com/advisories/misc/checkpoint.ike.txt

Trust: 0.8

url:http://marc.info/?l=bugtraq&m=103124812629621&w=2

Trust: 0.1

url:http://marc.info/?l=bugtraq&m=103176164729351&w=2

Trust: 0.1

sources: CERT/CC: VU#886601 // VULHUB: VHN-6008 // BID: 89555 // CNNVD: CNNVD-200212-593 // NVD: CVE-2002-1623

CREDITS

Unknown

Trust: 0.3

sources: BID: 89555

SOURCES

db: CERT/CC | id: VU#886601
db: VULHUB | id: VHN-6008
db: BID | id: 89555
db: CNNVD | id: CNNVD-200212-593
db: NVD | id: CVE-2002-1623

LAST UPDATE DATE

2024-11-22T21:24:05.194000+00:00


SOURCES UPDATE DATE

db: CERT/CC | id: VU#886601 | date: 2003-04-04T00:00:00
db: VULHUB | id: VHN-6008 | date: 2017-07-11T00:00:00
db: BID | id: 89555 | date: 2002-12-31T00:00:00
db: CNNVD | id: CNNVD-200212-593 | date: 2006-01-03T00:00:00
db: NVD | id: CVE-2002-1623 | date: 2024-11-20T23:41:44.770

SOURCES RELEASE DATE

db: CERT/CC | id: VU#886601 | date: 2002-09-12T00:00:00
db: VULHUB | id: VHN-6008 | date: 2002-12-31T00:00:00
db: BID | id: 89555 | date: 2002-12-31T00:00:00
db: CNNVD | id: CNNVD-200212-593 | date: 2002-12-31T00:00:00
db: NVD | id: CVE-2002-1623 | date: 2002-12-31T05:00:00