lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BCEBFFBB.ED1%devnull@cox.net>
Date: Tue, 08 Jun 2004 23:43:55 -0400
From: Dev Null <devnull@....net>
To: <bugtraq@...urityfocus.com>
Subject: Potential Security Flaw in Symantec Gateway Security 360R


I think we have discovered a possible security flaw in the wireless security
routines for the SGS 360R.

While configuring Secure WLAN settings in the 360R we have discovered that
the "Enforce VPN Tunnels/Disallow IPSec pass thru" and "Enforce VPN
Tunnels/Allow IPSec pass thru" setting in both 2.1 build 300 and build 415
firmware do not appear to actually prohibit non-VPNed wireless connections
from reaching the internal LAN. According the documentation when using
either of the "Enforce VPN Tunnel" modes, only DNS, DHCP, and ARP traffic
are allowed to reach (we believe this also include ICMP, but its not
documented) the internal network without being encrypted by the VPN. We have
been able to send a wide variety of TCP/IP traffic (including ODBC and HTTP)
to the internal LAN over a connection that is suppose to allow only traffic
traveling inside a VPN.

We have confirmed this internally using a single SGS 360R with the Symantec
Wireless Access Point card and two Win2K laptops with WPC45G Linksys WiFi
cards. 

This occurs whether or not WEP is being used.

Has anyone experienced this problem? Can anyone reproduce it?

We have reported the problem to Symantec and they are investigating.

thanks,

DN






Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ