SonicWALL IKE pre-shared key is 48 bytes instead of 128 bytes

sonicwall-ike-shared-keys (6304) The risk level is classified as Medium Risk

Description:

SonicWALL TELE2 and SOHO2 firewalls do not allow the user to configure the IKE pre-shared key longer than 48 bytes. The IKE pre-shared key is designed to be 128 bytes in length.


Consequences:

File Manipulation

Remedy:

No remedy available as of July 9, 2011.

References:

  • BugTraq Mailing List, Tue Mar 27 2001 - 14:34:20 CST: SonicWall IKE pre-shared key length bug and security concern.
  • CVE-2001-0376: SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used.

Platforms Affected:

  • SonicWALL SonicWALL SOHO2 6.0.0
  • SonicWALL SonicWALL TELE2 6.0.0

Reported:

Mar 27, 2001

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net
