Internet Key Exchange (IKE) Aggressive Mode with Pre-Shared Key

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote IKEv1 service supports Aggressive Mode with Pre-Shared Key.

Description :

The remote Internet Key Exchange (IKE) version 1 service seems to
support Aggressive Mode with Pre-Shared Key (PSK) authentication. Such
a configuration could allow an attacker to capture and crack the PSK
of a VPN gateway and gain unauthorized access to private networks.

See also :

http://www.nessus.org/u?07b12cbb
https://www.ernw.de/download/pskattack.pdf
http://www.vpnc.org/ietf-ipsec/99.ipsec/msg01451.html
http://www.securityfocus.com/bid/7423

Solution :

- Disable Aggressive Mode if supported.
- If possible, do not use Pre-Shared Key authentication.
- If using a Pre-Shared Key cannot be avoided, use very strong keys.
- If possible, do not allow VPN connections from arbitrary IP addresses.

Note that this plugin does not run over IPv6.
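
An added example, not part of the Nessus plugin: a passive check that classifies captured UDP/500 payloads and flags IKEv1 Aggressive Mode messages whose first proposal offers pre-shared key authentication, which helps confirm on captured traffic that Aggressive Mode has been disabled. It assumes the SA payload comes first and uses the IPsec DOI's 4-byte Situation field; the function names are illustrative and `build_sample` produces constructed test packets.

```python
import struct

AGGRESSIVE = 4            # ISAKMP exchange type (RFC 2408); Main Mode is 2
AUTH_METHOD, PSK = 3, 1   # IKE attribute type and value (RFC 2409, Appendix A)

def auth_methods(sa_body):
    """Yield Authentication Method values from the first proposal's transforms."""
    off = 8                                   # skip DOI + 4-byte Situation (assumed)
    spi_size, n_trans = sa_body[off + 6], sa_body[off + 7]
    off += 8 + spi_size                       # past proposal header and SPI
    for _ in range(n_trans):
        t_len = struct.unpack_from("!H", sa_body, off + 2)[0]
        a, end = off + 8, off + t_len
        while a + 4 <= end:
            a_type, a_val = struct.unpack_from("!HH", sa_body, a)
            if a_type & 0x8000:               # TV form: a_val is the value
                if (a_type & 0x7FFF) == AUTH_METHOD:
                    yield a_val
                a += 4
            else:                             # TLV form: a_val is the length
                a += 4 + a_val
        off = end

def classify(pkt):
    """Classify one UDP/500 payload by exchange type and offered auth method."""
    try:
        nxt, ver, exch = struct.unpack_from("!BBB", pkt, 16)
        if ver != 0x10:
            return "not-ikev1"
        if exch != AGGRESSIVE:
            return "ikev1-other"
        if nxt != 1:                          # first payload is not an SA
            return "aggressive-unknown-auth"
        sa_len = struct.unpack_from("!H", pkt, 30)[0]
        methods = set(auth_methods(pkt[32:28 + sa_len]))
    except (struct.error, IndexError):        # truncated or inconsistent lengths
        return "malformed"
    return "aggressive-psk" if PSK in methods else "aggressive-other-auth"

def build_sample(exch, auth):
    """Constructed packet: ISAKMP header + SA with one proposal, one transform."""
    attrs = struct.pack("!6H", 0x8001, 5, 0x8002, 2, 0x8003, auth)
    trans = struct.pack("!BBHBBH", 0, 0, 8 + len(attrs), 1, 1, 0) + attrs
    prop = struct.pack("!BBHBBBB", 0, 0, 8 + len(trans), 1, 1, 0, 1) + trans
    sa = struct.pack("!BBHII", 0, 0, 12 + len(prop), 1, 1) + prop
    hdr = struct.pack("!8s8sBBBBII", b"\x11" * 8, bytes(8), 1, 0x10, exch, 0, 0,
                      28 + len(sa))
    return hdr + sa
```

Only the first proposal is inspected; a message carrying several proposals needs the proposal chain walked as well.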

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
CVSS Temporal Score : 4.5
(CVSS2#E:F/RL:W/RC:C)
Public Exploit Available : true

Family: General

Nessus Plugin ID: 62694

Bugtraq ID: 7423

CVE ID: CVE-2002-1623