This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote IKEv1 service supports Aggressive Mode with Pre-Shared key.
The remote Internet Key Exchange (IKE) version 1 service seems to
support Aggressive Mode with Pre-Shared key (PSK) authentication. Such
a configuration could allow an attacker to capture and crack the PSK
of a VPN gateway and gain unauthorized access to private networks.
See also :
- Disable Aggressive Mode if supported.
- Do not use Pre-Shared key for authentication if it's possible.
- If using Pre-Shared key cannot be avoided, use very strong keys.
- If possible, do not allow VPN connections from any IP addresses.
Note that this plugin does not run over IPv6.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.5
Public Exploit Available : true
Nessus Plugin ID: 62694 ()
Bugtraq ID: 7423
CVE ID: CVE-2002-1623
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.