SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Firewall)  >   Ingate Firewall Vendors:   Ingate Systems
Ingate Firewall Fails to Disconnect PPTP Connections When a User is Disabled
SecurityTracker Alert ID:  1013022
SecurityTracker URL:  http://securitytracker.com/id/1013022
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jan 28 2005
Impact:   Host/resource access via network
Vendor Confirmed:  Yes  Exploit Included:  Yes  
Version(s): 4.1.3 and prior versions
Description:   A vulnerability was reported in Ingate Firewall. When a user is disabled, the user's PPTP tunnel remains active.

The vendor reported that if a remote authenticated user has an active PPTP connection to the target firewall and the user is subsequently disabled on the firewall, the active PPTP connection is not disabled.

The vendor credits Neil Watson at Voicegenie with reporting this flaw.

Impact:   A valid user authorized to use PPTP can continue using a PPTP tunnel after the user has been subsequently disabled.
Solution:   No solution was available at the time of this entry. The vendor plans to issue a fix in a future upgrade.

As a workaround, the vendor indicates that you can turn off the PPTP server and apply the configuration when you want to disable a PPTP user. Then, enable the PPTP server and apply the configuration again.

Vendor URL:  www.ingate.com/ (Links to External Site)
Cause:   Access control error, State error

Message History:   None.


 Source Message Contents

Subject:  Ingate Firewall: Removed PPTP tunnels not deactivated


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Product: Ingate Firewall
Versions: 4.1.3 and earlier
Tracking ID: 1826

Summary
=======

Active PPTP tunnels in Ingate Firewall are not deactivated when a
PPTP user is disabled.

If a user has an active PPTP connection to an Ingate Firewall, and
that user is disabled on the Firewall, the active PPTP connection is
not disconnected, but lives on unharmed. Only when the user
disconnects does the block take effect; the next time he tries to
connect, he is not allowed to set up a connection.

Impact
======

If a user is being disabled by the firewall administrator while he has
an active tunnel, that tunnel can live on. He can thus have access to
the resources protected by the firewall for a long time after he was
disabled.

Workaround
==========

When you disable a PPTP user, also turn off the PPTP server and apply
the configuration. This will tear down all PPTP connections. Then
enable the PPTP server and apply the configuration again.

Solution
========

Ingate will provide a fix for this problem in a future upgrade. No
release date has been set yet.

Thanks
======

Thanks to Neil Watson at Voicegenie who reported this problem.

Further updates on this issue will be sent to our mailing list
http://lists.ingate.com/mailman/listinfo/productinfo

Further questions regarding this issue can be directed to
support@ingate.com.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD4DBQFB+MEUTl5zjNKUYI4RAvmoAJjVt7scBKr8dJGiPpb8feXsn8UfAJ91i/SP
NHd+u6v51uZCbKSgy/22pQ==
=eF2N
-----END PGP SIGNATURE-----

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC