SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (VPN)  >   Nortel VPN Client Vendors:   Nortel
Nortel Contivity VPN Client May Let Remote Users Hijack Sessions
SecurityTracker Alert ID:  1011846
SecurityTracker URL:  http://securitytracker.com/id/1011846
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Updated:  Aug 18 2005
Original Entry Date:  Oct 21 2004
Impact:   User access via network
Vendor Confirmed:  Yes  
Version(s): V02.1.7, V03.00.XX, V03.01.XX, V04.91.XX, and V05.01.XX
Description:   A vulnerability was reported in Nortel Contivity in the VPN client software. A remote user may be able to conduct a man-in-the-middle attack to hijack the target user's connection.

Secunia posted a report credited to Roger Sylvain from Solucom indicating that when a target user connects to the VPN gateway, the client software does not validate the gateway's certificate while a dialog box is displayed to the target user. During this time, the target user's session can be hijacked via a man-in-the-middle attack.

Nortel later disclosed that if the VPN gateway is configured to send a banner message to the target user's VPN client and the target user fails to acknowledge the banner message, the VPN tunnel will remain active and the client will not check the revocation status of the VPN gateway's certificate.

Only systems that use digital certificate authentication are affected.

The validation of user certificates by the VPN gateway is not affected.

Contivity VPN Client version V04.65.XX and V04.86.XX software releases are not affected.

Impact:   A remote user with the ability to conduct a man-in-the-middle attack may be able to hijack a target user's session.
Solution:   No solution was available for the affected versions at the time of this entry.

Nortel reports that Contivity VPN Client version V04.65.XX and V04.86.XX software releases are not affected.

Nortel Networks plans to provide additional fix availability information in November 2004.

Vendor URL:  www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6&category=8&subcategory=6&subtype=&DocumentOID=276620&RenditionID=REND159588 (Links to External Site)
Cause:   Authentication error
Underlying OS:  Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Oct 30 2004 (Vendor Issues Advisory) Nortel Contivity VPN Client May Let Remote Users Hijack Sessions
Nortel has issued an advisory containing workaround instructions.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC