Cisco ASA IKE Responses Let Remote Users Determine Valid Groupnames
|
|
SecurityTracker Alert ID: 1024800 |
|
SecurityTracker URL: http://securitytracker.com/id/1024800
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Nov 30 2010
|
Impact:
Disclosure of system information
|
Vendor Confirmed: Yes Exploit Included: Yes
|
Version(s): 5500 Series
|
Description:
A vulnerability was reported in Cisco ASA. A remote user can determine valid group names on the target device.
A remote user can discover which group names are configured and valid on the target device.
Systems using a pre-shared key for group authentication in a remote access VPN scenario are affected. Site-to-site VPNs are not affected.
Cisco has assigned Cisco Bug ID CSCtj96108 to this vulnerability.
Cisco PIX 500 Series Security Appliances and the Cisco VPN 3000 Series Concentrators are also affected.
VPN 3000 Series systems using 'Mutual Group Authentication' are not affected.
Gavin Jones of NGS Secure reported this vulnerability.
|
Impact:
A remote user can determine valid group names on the target device.
|
Solution:
No solution was available at the time of this entry.
The vendor plans to issue a fix.
The vendor's advisory is available at:
http://www.cisco.com/warp/public/707/cisco-sr-20101124-vpn-grpname.shtml
|
Vendor URL: www.cisco.com/warp/public/707/cisco-sr-20101124-vpn-grpname.shtml (Links to External Site)
|
Cause:
Access control error, State error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Tue, 30 Nov 2010 20:32:14 +0000
Subject: Cisco ASA
|
http://www.cisco.com/warp/public/707/cisco-sr-20101124-vpn-grpname.shtml
Cisco Security Response: Cisco IPSec VPN Implementation Group Name Enumeration Vulnerability
|
|
