Check Point VPN-1 SecuRemote brute force possibility
| vpn1-securemote-brute-force (7343) |  Low Risk |
Description:
Check Point VPN-1 could allow a remote attacker to determine valid account usernames when remote access is attempted using SecuRemote. VPN-1 displays different messages during the authentication process depending on whether a valid username is entered compared to an invalid username. Once an attacker determines a valid username, brute force techniques can be used to obtain the password for the account.
Consequences:
Obtain Information
Remedy:
No remedy available as of July 9, 2011.
References:
- BugTraq Mailing List, Tue Oct 23 2001 - 16:07:05 CDT: Check Point VPN-1 SecuRemote Flaw.
- BID-3470: Check Point VPN-1 SecuRemote Username Acknowledgement Vulnerability
- CVE-2001-1499: Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks.
- OSVDB ID: 20210: Check Point VPN-1 SecuRemote Error Message Account Enumeration
Platforms Affected:
- CheckPoint VPN-1 4.1 SP4
Reported:
Oct 23, 2001
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net