Symantec has warned of a serious flaw in its VPN and firewall server products that could allow an attacker to take over affected systems and gain access to corporate networks.

Internet Security Systems (ISS) X-Force first discovered the flaw in the Entrust module running on some of Symantec's gateway products. The module, which implements the IKE (Internet Key Exchange) protocol, did not properly validate incoming ISAKMP packets.

Internet Security Association and Key Management Protocol (ISAKMP) is a standard protocol for creating dynamic VPN tunnels. By sending sufficiently malformed ISAKMP packets, an attacker could cause a denial-of-service (DoS) condition in the affected VPN component. If specifically crafted, the malformed packets could potentially lead to further compromise of the VPN server.
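The kind of structural validation an ISAKMP receiver is expected to perform before interpreting any payload is sketched below as an added example; it is not Symantec or Entrust code, and the article does not say which check the module was missing. It assumes the IKEv1 header and generic payload header layout from RFC 2408; the function name, error codes and sample packet are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Error codes are illustrative names, not taken from any product. */
enum { ISAKMP_OK = 0, ERR_SHORT = -1, ERR_VERSION = -2, ERR_LENGTH = -3, ERR_PAYLOAD = -4 };
#define ISAKMP_HDR_LEN 28u  /* cookies(16) next(1) ver(1) xchg(1) flags(1) msgid(4) len(4) */
#define GENERIC_HDR_LEN 4u  /* next(1) reserved(1) payload length(2) */

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Returns ISAKMP_OK or the code of the first structural check that fails. */
int isakmp_validate(const uint8_t *pkt, size_t n) {
    if (pkt == NULL || n < ISAKMP_HDR_LEN) return ERR_SHORT;
    if (pkt[17] != 0x10) return ERR_VERSION;      /* assumes IKEv1: major 1, minor 0 */
    uint32_t total = be32(pkt + 24);
    /* The declared length must equal the number of bytes actually received. */
    if (total < ISAKMP_HDR_LEN || total != n) return ERR_LENGTH;
    if (pkt[19] & 0x01u) return ISAKMP_OK;        /* encrypted body: opaque until decrypted */
    uint8_t next = pkt[16];
    size_t off = ISAKMP_HDR_LEN;
    while (next != 0) {
        /* A generic payload header must fit in the bytes that remain. */
        if (n - off < GENERIC_HDR_LEN) return ERR_PAYLOAD;
        size_t plen = ((size_t)pkt[off + 2] << 8) | pkt[off + 3];
        /* The length covers its own header and must stay inside the datagram;
         * plen >= 4 also guarantees that the loop always advances. */
        if (plen < GENERIC_HDR_LEN || plen > n - off) return ERR_PAYLOAD;
        next = pkt[off];
        off += plen;
    }
    return off == n ? ISAKMP_OK : ERR_PAYLOAD;    /* no trailing bytes allowed */
}

/* Constructed sample: header plus one 8-byte payload of type 13 (Vendor ID). */
static const uint8_t sample[36] = {
    0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88,   /* initiator cookie */
    0, 0, 0, 0, 0, 0, 0, 0,                           /* responder cookie */
    13, 0x10, 2, 0x00, 0, 0, 0, 0,                    /* next, ver, xchg, flags, msgid */
    0, 0, 0, 36,                                      /* total length */
    0, 0, 0, 8, 0xde, 0xad, 0xbe, 0xef                /* last payload, length 8 */
};

int main(void) {
    printf("sample packet -> %d\n", isakmp_validate(sample, sizeof sample));
    return 0;
}
```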

The link for this article located at CXOtoday Staff is no longer available.