Global Technology Associates Information for VU#459371
Multiple IPsec implementations do not adequately validate authentication data
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 17 Oct 2002
After analyzing the IPSec issue described in VU#459371 Global Technology Associates, Inc. has determined that GTA firewall products running GNAT Box system software version prior to version 3.3.1 are vulnerable to this attack. GTA has released system software updates to correct this vulnerability.
For users with systems running GNAT Box system software version 3.3.0 a system software update version 3.3.1 is available from GTA's Online Support Center.
For users with systems running GNAT Box system software version 3.2.x a system software update version 3.2.6 is available from GTA's Online Support Center.
For users with systems running GNAT Box system software version 3.1.x or earlier no software update is available. Users should either upgrade to version 3.3.1 or add Remote Access filters to restrict access to designated remote VPN gateways.
To report potential security vulnerabilities in GTA products, send an E-mail message to: firstname.lastname@example.org.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.