CVE-2002-1623

The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or responder identities during negotiation, which may allow remote attackers to determine valid usernames by (1) monitoring responses before the password is supplied or (2) sniffing, as originally reported for FireWall-1 SecuRemote.

Published: Dec 31, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-1623
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
checkpoint / vpn-1_firewall-1	4.0	4.0.x
checkpoint / vpn-1_firewall-1	4.1	4.1.x

http://lists.grok.org.uk/pipermail/full-disclosure/2002-September/001223.html
http://marc.info/?l=bugtraq&m=103124812629621&w=2
http://marc.info/?l=bugtraq&m=103176164729351&w=2
http://www.checkpoint.com/techsupport/alerts/ike.html
http://www.kb.cert.org/vuls/id/886601
http://www.nta-monitor.com/news/checkpoint.htm
http://www.securiteam.com/securitynews/5TP040U8AW.html
http://www.securityfocus.com/archive/1/290202
http://www.securityfocus.com/bid/5607
https://exchange.xforce.ibmcloud.com/vulnerabilities/10034

Vulnerability Database

289,697

CVE-2002-1623