11/15/2005

VPN Flaw Threatens Internet Traffic

Filed under: — By Aviran Mordo @ 9:11 am

A flaw in a key Internet security protocol used by major networking products could open systems up to denial-of-service and other kinds of attacks, experts have warned.

Finnish researchers at the University of Oulu announced Monday that they have found a vulnerability in the Internet Security Association and Key Management Protocol, or ISAKMP. The technology is used in IPsec virtual private network and firewall products from a range of networking companies, including giants Cisco Systems and Juniper Networks.

The severity of the problems varies by software vendor, according to an advisory issued jointly by the British National Infrastructure Security Co-ordination Centre and the Finnish CERT.

“These flaws may expose denial-of-service conditions, format string vulnerabilities, and buffer overflows,” the advisory said. All these could shut down devices and slow transmission of data across the Internet. In some cases, they could also allow hackers to execute code and hijack a device, NISCC warned.

Source: News.com

 

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress