Updated(2): Checkpoint VPN-1 ASN.1 vulnerability, RADIUS and wireless, reminder about home routers
Checkpoint VPN-1 ASN.1 vulnerability
Yesterday afternoon, Checkpoint released a bulletin detailing a newly discovered vulnerability in ASN.1 handling in current versions of VPN-1 (specifically NG_AI R55W, NG_AI R55, NG_AI R54, NG FP3, GSX, etc. essentially all versions of NG), this is a completely different vulnerability from the ASN.1 issue several months ago. The bulletin reiterates previous advice recommending against the use of Aggressive Mode IKE. In this case, if aggressive mode is enabled, a 1 packet exploit might be possible. A hot fix has been released that addresses the vulnerability and should be applied as soon as practical on VPN-1 devices that face public networks. We've just received confirmation that version 4.1 is NOT affected by this vulnerability.
http://www.checkpoint.com/techsupport/alerts/asn1.html
RADIUS implementations and wireless
One of the other handlers, Joshua Wright, has co-written a note for IETF, highlighting some of the weaknesses in many current implementations of the RADIUS protocol and especially their significance in wireless environments. Unfortunately, many implementations do not fully implement all the recommendations of the RFCs. This has become of greater significance since it can be used as part of a key distribution mechanism in conjunction with the 802.1x wireless protocol. The draft can be found at
http://www.drizzle.com/~aboba/RADEXT/radius_vuln_00.txt
Reminder about home routers
One of our readers, Chris Norton, sent us some information on an experiment that he ran. We won't go into the details today (perhaps in a future diary), but the upshot is a reminder to change default passwords/community strings and when possible disable remote administration capabilities on your home broadband routers.
---------------------------------------------
Jim Clausing, jim.clausing/at/acm.org
Yesterday afternoon, Checkpoint released a bulletin detailing a newly discovered vulnerability in ASN.1 handling in current versions of VPN-1 (specifically NG_AI R55W, NG_AI R55, NG_AI R54, NG FP3, GSX, etc. essentially all versions of NG), this is a completely different vulnerability from the ASN.1 issue several months ago. The bulletin reiterates previous advice recommending against the use of Aggressive Mode IKE. In this case, if aggressive mode is enabled, a 1 packet exploit might be possible. A hot fix has been released that addresses the vulnerability and should be applied as soon as practical on VPN-1 devices that face public networks. We've just received confirmation that version 4.1 is NOT affected by this vulnerability.
http://www.checkpoint.com/techsupport/alerts/asn1.html
RADIUS implementations and wireless
One of the other handlers, Joshua Wright, has co-written a note for IETF, highlighting some of the weaknesses in many current implementations of the RADIUS protocol and especially their significance in wireless environments. Unfortunately, many implementations do not fully implement all the recommendations of the RFCs. This has become of greater significance since it can be used as part of a key distribution mechanism in conjunction with the 802.1x wireless protocol. The draft can be found at
http://www.drizzle.com/~aboba/RADEXT/radius_vuln_00.txt
Reminder about home routers
One of our readers, Chris Norton, sent us some information on an experiment that he ran. We won't go into the details today (perhaps in a future diary), but the upshot is a reminder to change default passwords/community strings and when possible disable remote administration capabilities on your home broadband routers.
---------------------------------------------
Jim Clausing, jim.clausing/at/acm.org
Keywords:
0 comment(s)
My next class:
| LINUX Incident Response and Threat Hunting | London | Jul 7th - Jul 12th 2025 |
×
![modal content]()
Diary Archives
Comments