The Internet Key Exchange (IKE) protocol discloses username information when Aggressive Mode is used for shared secret authentication.
The Internet Key Exchange (IKE) protocol provides a negotiation mechanism that allows an initiator to establish an encrypted session with a responder. Many firewall and Virtual Private Network (VPN) products use IKE; check your product documentation to determine which modes and authentication methods are used by your product.
By design, the IKE protocol does not encrypt the identities of the initiator or responder when performing shared secret authentication in Aggressive Mode. Depending upon your site configuration and need for identity protection, this design choice may represent a vulnerability to your organization.
Devices that implement this protocol as specified will leak username information while negotiating IKE sessions. This information may be useful for conducting reconnaissance on networks containing an affected device.
Use an alternative mode and authentication method
The CERT/CC thanks Roy Hills for reporting this issue.
This document was written by Jeffrey P. Lanza.
|Date First Published:||2002-09-12|
|Date Last Updated:||2003-04-04 19:12 UTC|