Results 1 to 2 of 2

Thread: VPN Flaw... DoS and possibly remote code execution

  1. #1
    Senior Member
    Join Date
    Dec 2004

    VPN Flaw... DoS and possibly remote code execution

    Looks like a flaw in the ISAKMP portion of IPsec is vulnerable to a variety of vendor-specific flaws which could include DoS, format string attacks, and buffer overflows. Thought it was worth a mention.

    The fool doth think he is wise, but the wiseman knows himself to be a fool - Good Ole Bill Shakespeare

  2. #2
    Join Date
    May 2005
    Only problem I don't like about that article's assesment is that all that VPN's "interesting" traffic is applied after access lists (Cisco anyways). Meaning, if it's a dedicated Poing-to-Point VPN and you have any other traffic allowed to even hit the interface you deserve to have your network compromised.

    For remote access VPN I guess there could be an issue, but of course they did not describe the nature of this vulnerability so I can only guess.

    I think they could just as easily say anything you connect to the internet, if it's not configured properly, is vulnerable. I would agree with this statement and I don't think it's much different than what they put in their article.
    "Experience is the hardest teacher, it gives the test first and the lesson after." Anonymous

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts