we track for your security since 1999

vulnerabilities

The Vigil@nce team watches vulnerabilities impacting your computers, and then offers solutions, a database and tools to correct them.

recent vulnerabilities

tracked products

RSS feed

vulnerability

vulnerability alert CVE-2010-4354

Cisco ASA, PIX, VPN: enumeration of groupnames

Synthesis of the vulnerability

When a PSK authentication is used, an attacker can guess valid identifiers with a brute force attack.
Impacted products: ASA, Cisco VPN Concentrator.
Severity: 2/4.
Creation date: 30/11/2010.
Identifiers: 112227, BID-45161, cisco-sr-20101124-vpn-grpname, CSCtj96108, CVE-2010-4354, NGS00014, VIGILANCE-VUL-10166.

Description of the vulnerability

The VPN PSK (Pre-Shared Key) authentication uses an identifier/password. The identifier is called the "groupname". The password is called the pre-shared key.

When a VPN client authenticates with a bad identifier, Cisco products do not answer. When the identifier is valid, an answer packet is sent back. An attacker can thus guess if an identifier is valid.

Impacted products are:
- Cisco ASA 5500
- Cisco PIX 500
- Cisco VPN 3000 Series Concentrators

When a PSK authentication is used, an attacker can therefore guess valid identifiers with a brute force attack.
Complete Vigil@nce bulletin.... (free access)

Share this bulletin

Computer vulnerabilities tracking service

Vigil@nce provides network vulnerability announces. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.