Vulnerabilities > CVE-2001-0376 - Remote Security vulnerability in Tele2

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

sonicwall

NVD

Published: 2001-06-18

Updated: 2017-12-19

Summary

SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used.

Vulnerable Configurations

Part	Description	Count
Hardware	Sonicwall Sonicwall Soho2 6.0.0 Sonicwall Tele2 6.0.0	2

References

http://archives.neohapsis.com/archives/bugtraq/2001-03/0403.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/6304