CastleCops, Internet Crime Fighters
Need help? Click here to register for free! Absolutely zero advertisements on this site!

$9736.22 of $21422.68
left sidedonated so farneed $11686.46 donated to reach our goalright side, our goal
Help CastleCops serve the community on new servers, Donate Here to reach our goal.

Donation/Premium
spacer
Donations. Become Premium Today! Premium Icon
block bottom
Security Central
spacer
· Home
· PIRT/Fried Phish
· MIRT
· SIRT
· Deutsch
· Wiki
· Newsletter
· O16/ActiveX
· CLSID List
· Contest2007
· Downloads
· Feedback (send)
· Forums
· HijackThis
· Hijacktrend
· LSPs
· My Downloads
· O18
· O20
· O21
· O22
· O23
· O9
· Premium
· Private Messages
· Proxomitron
· Reviews
· Search
· StartupList
· Stories Archive
· Submit News
· WsIRT
· Your Account
· Acceptable Use Policy
block bottom
Survey
spacer
Was 2007 a good year?

Yes it was a wonderful year
Yes, but there is always room for improvement
Status quo
It was a challenge
Other (leave comment)



Results
Polls

Votes: 941
Comments: 25
block bottom
spacer spacer
image NISCC Vulnerability Advisory - IPSEC image
Bug Alert
Eric_the_Red writes "UNIRAS Alert 15/05 - NISCC

Three attacks that apply to certain configurations of IPsec have been identified. These
configurations use Encapsulating Security Payload (ESP) in tunnel mode with confidentiality only,
or with integrity protection being provided by a higher layer protocol. Some configurations using
AH to provide integrity protection are also vulnerable. In these configurations, an attacker can
modify sections of the IPsec packet, causing either the cleartext inner packet to be redirected or
a network host to generate an error message. In the latter case, these errors are relayed via the
Internet Control Message Protocol (ICMP); because of the design of ICMP, these messages directly
reveal segments of the header and payload of the inner datagram in cleartext. An attacker who can
intercept the ICMP messages can then retrieve plaintext data. The attacks have been implemented and demonstrated to work under realistic conditions. "
Posted on Monday, 09 May 2005 @ 20:28:27 UTC by Paul (989 reads)
[ Trackback ]		image

"NISCC Vulnerability Advisory - IPSEC" | Login/Create an Account | 0 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register
 
Login
spacer
Nickname

Password

Security Code: Type Security Code: Usage signifies AUP acceptance
· New User? · Click here to create a registered account.
block bottom
Related Links
spacer
· del.icio.us!
· digg it!
· reddit!
· TrackBack (0)
· HotScripts
· W3 Consortium
· More about Bug Alert
· News by Paul

Most read story about Bug Alert:
Attacked by the Downloader virus
block bottom
Article Rating
spacer
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent
block bottom
Options
spacer

Printer Friendly Page  Printer Friendly Page
block bottom
2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved.
Acceptable Use Policy. Use signifies your agreement.
257ppm 0.192s (0.01s)
Making cybercriminals unhappy since 2002*
In Memory of Trpm
spacer spacer