Vulnerabilities > CVE-2001-0376 - Unspecified vulnerability in Sonicwall Soho2 and Tele2

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

sonicwall

NVD

Published: 2001-06-18

Updated: 2017-12-19

Summary

SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used.

Vulnerable Configurations

Part	Description	Count
Hardware	Sonicwall Sonicwall Soho2 6.0.0 Sonicwall Tele2 6.0.0	2

References

http://archives.neohapsis.com/archives/bugtraq/2001-03/0403.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/6304