November 15th, 2005, 05:56 AM
VPN Flaw... DoS and possibly remote code execution
Looks like a flaw in the ISAKMP portion of IPsec is vulnerable to a variety of vendor-specific flaws which could include DoS, format string attacks, and buffer overflows. Thought it was worth a mention.
The fool doth think he is wise, but the wise man knows himself to be a fool - Good Ole Bill Shakespeare
November 15th, 2005, 07:16 PM
Only problem I don't like about that article's assessment is that all that VPN's "interesting" traffic is applied after access lists (Cisco anyways). Meaning, if it's a dedicated Point-to-Point VPN and you have any other traffic allowed to even hit the interface you deserve to have your network compromised.
For remote access VPN I guess there could be an issue, but of course they did not describe the nature of this vulnerability so I can only guess.
I think they could just as easily say anything you connect to the internet, if it's not configured properly, is vulnerable. I would agree with this statement and I don't think it's much different than what they put in their article.
"Experience is the hardest teacher, it gives the test first and the lesson after." Anonymous