Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-355: Vulnerability in IPsec Policy Processing

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-355: Vulnerability in IPsec Policy Processing
# 1  
Old 08-14-2008
S-355: Vulnerability in IPsec Policy Processing
An information disclosure vulnerability exists in the manner in which IPsec policies are imported to Windows Server 2008 domains from Windows Server 2003 domains. This vulnerability could cause systems to ignore IPsec policies and transmit network traffic in clear text. This, in turn, would potentially disclose information intended to be encrypted on the network. The risk is LOW. An attacker intercepting the traffic on the network would be able to view and possibly modify the contents of the traffic.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

7 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Move a TXT file greater or equal 355 MB with its corresponding .LST file

Good morning, i need your help please I need to move a .TXT file greater or igual 355 MB and its correspondent .LST file in a non recursive way The operating system is: uname -a SunOS server01c 5.10 Generic_144488-01 sun4u sparc SUNW,SPARC-Enterprise For example: rw-r--r-- 1 xptol ... (8 Replies)
Discussion started by: alexcol
8 Replies

2. Solaris

What's wrong with my ipsec configuration?

I want a lan encrypted with ipsec. This is my /etc/inet/ike/config p1_xform { auth_method preshared oakley_group 5 auth_alg sha256 encr_alg aes } p2_pfs 2 this is my /etc/inet/secret/ike.preshared # ike.preshared on hostA, 192.168.0.21 #... { localidtype IP localid... (1 Reply)
Discussion started by: Linusolaradm1
1 Replies

3. Programming

awk processing / Shell Script Processing to remove columns text file

Hello, I extracted a list of files in a directory with the command ls . However this is not my computer, so the ls functionality has been revamped so that it gives the filesizes in front like this : This is the output of ls command : I stored the output in a file filelist 1.1M... (5 Replies)
Discussion started by: ajayram
5 Replies

4. Cybersecurity

IPSEC

hello, after configuration ipsec in ip4 I can not ping between client and server whereas I had success ping before configuration! I also generate different key for AH and ESP as i have shown below. what is my problem and what should i do to have ping and test the configuration? code: ... (0 Replies)
Discussion started by: elinaz
0 Replies

5. UNIX for Advanced & Expert Users

Ipsec implementation

How can i implement Ipsec between two machines in linux_ ubuntu? any link?? suggestion?? (0 Replies)
Discussion started by: elinaz
0 Replies

6. BSD

Problem on IPSec

Hi, this is my first post...:p Hello Admin :) Can I have an ask for something with my configuration ? I have finished some kind of the tutorial to build ipsec site to site, and the "step" has finished completely. I have a simulation with a local design topology with two PC's (FreeBSD ... (0 Replies)
Discussion started by: aulia
0 Replies

7. Red Hat

ipsec policy not working

Hi, I am trying to set a policy between 2 machines for all the ports except for 22 i.e. for tcp - basically I want to bypass ssh. But my policy doesn't seem to work. Here are the entries spdadd 1.2.3.4 4.3.2.1 any -P out prio 100 ipsec esp/transport//require ah/transport//require; spdadd... (0 Replies)
Discussion started by: ahamed101
0 Replies
Login or Register to Ask a Question

LEARN ABOUT FREEBSD

enc

ENC(4)							   BSD Kernel Interfaces Manual 						    ENC(4)

NAME

     enc -- Encapsulating Interface

SYNOPSIS

     To compile this driver into the kernel, place the following line in your kernel configuration file:

	   device enc

DESCRIPTION

     The enc interface is a software loopback mechanism that allows hosts or firewalls to filter ipsec(4) traffic using any firewall package that
     hooks in via the pfil(9) framework.

     The enc interface allows an administrator to see incoming and outgoing packets before and after they will be or have been processed by
     ipsec(4) via tcpdump(1).

     The ``enc0'' interface inherits all IPsec traffic.  Thus all IPsec traffic can be filtered based on ``enc0'', and all IPsec traffic could be
     seen by invoking tcpdump(1) on the ``enc0'' interface.

     What can be seen with tcpdump(1) and what will be passed on to the firewalls via the pfil(9) framework can be independently controlled using
     the following sysctl(8) variables:

     Name			      Defaults	    Suggested
     net.enc.out.ipsec_bpf_mask       0x00000003    0x00000001
     net.enc.out.ipsec_filter_mask    0x00000001    0x00000001
     net.enc.in.ipsec_bpf_mask	      0x00000001    0x00000002
     net.enc.in.ipsec_filter_mask     0x00000001    0x00000002

     For the incoming path a value of 0x1 means ``before stripping off the outer header'' and 0x2 means ``after stripping off the outer header''.
     For the outgoing path 0x1 means ``with only the inner header'' and 0x2 means ``with outer and inner headers''.

     incoming path					    |------|
     ---- IPsec processing ---- (before) ---- (after) ----> |	   |
							    | Host |
     <--- IPsec processing ---- (after) ----- (before) ---- |	   |
     outgoing path					    |------|

     Most people will want to run with the suggested defaults for ipsec_filter_mask and rely on the security policy database for the outer head-
     ers.

EXAMPLES

     To see the packets the processed via ipsec(4), adjust the sysctl(8) variables according to your need and run:

	   tcpdump -i enc0

SEE ALSO

     tcpdump(1), bpf(4), ipf(4), ipfw(4), ipsec(4), pf(4), tcpdump(8)

BSD
								 November 28, 2007							       BSD