Novell BorderManager ISAKMP Predictable Cookie Vulnerability
BID:21014
Info
Novell BorderManager ISAKMP Predictable Cookie Vulnerability
| Bugtraq ID: | 21014 |
| Class: | Design Error |
| CVE: |
CVE-2006-7155 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 10 2006 12:00AM |
| Updated: | Jul 06 2016 02:40PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Novell BorderManager 3.8 SP4 |
| Not Vulnerable: |
Novell BorderManager 3.8 SP5 |
Discussion
Novell BorderManager ISAKMP Predictable Cookie Vulnerability
Novell BorderManager is prone to a vulnerability that causes the software to create predictable ISAKMP cookies.
Exploiting this vulnerability may lead to various attacks including denial-of-service conditions and replay attacks that allow attackers to gain unauthorized access to sessions. Other attacks may be possible as well.
Novell BorderManager 3.8 Support Pack 4 is reported vulnerable; prior versions may also be affected.
This issue may be related to BID 20428 (Novell BorderManager IPSec/IKE Remote Denial Of Service Vulnerability). If further analysis reveals that these issues are identical, this BID will be retired.
Novell BorderManager is prone to a vulnerability that causes the software to create predictable ISAKMP cookies.
Exploiting this vulnerability may lead to various attacks including denial-of-service conditions and replay attacks that allow attackers to gain unauthorized access to sessions. Other attacks may be possible as well.
Novell BorderManager 3.8 Support Pack 4 is reported vulnerable; prior versions may also be affected.
This issue may be related to BID 20428 (Novell BorderManager IPSec/IKE Remote Denial Of Service Vulnerability). If further analysis reveals that these issues are identical, this BID will be retired.
Exploit / POC
Novell BorderManager ISAKMP Predictable Cookie Vulnerability
This issue can be triggered using the 'ike-scan' utility available at the following location:
http://www.nta-monitor.com/tools/ike-scan/
This issue can be triggered using the 'ike-scan' utility available at the following location:
http://www.nta-monitor.com/tools/ike-scan/
Solution / Fix
Novell BorderManager ISAKMP Predictable Cookie Vulnerability
Solution:
The vendor has released fixes to address this issue. Please see the referenced vendor advisory for more information.
Solution:
The vendor has released fixes to address this issue. Please see the referenced vendor advisory for more information.
References
Novell BorderManager ISAKMP Predictable Cookie Vulnerability
References:
References:
- BorderManager 3.8 generates predictable ISAKMP cookies (Novell)
- BorderManager Product Homepage (Novell)
- BorderManager Tech Support Page (Novell)