Users of Symantec's Enterprise Firewall warned of security risk


Users of Symantec's Enterprise Firewall warned of security risk

Cliff Saran

Businesses using Symantec's Enterprise Firewall have been warned of a new security risk that could enable a hacker to login to a company's network. NTA Monitor said that if the firewall is configured for remote access (client-to-gateway) virtual private network (VPN) using pre-shared key (PSK) authentication, it would respond differently to valid and invalid usernames.

It is also possible to use this vulnerability to enumerate valid users on the system, either by brute-force or by trying likely usernames, NTA Monitor warned.

Roy Hills, Technical Director at NTA Monitor, found the flaw andsaid, "There are two particularly interesting points to bear in mind when discussing this flaw - firstly, this type of flaw has been known about for almost 30 years and secondly, Symantec is not the only vendor to suffer from this problem." NTA Monitor said it has encountered a similar problem in equipment from Cisco and CheckPoint.

Symantec has issued an advisory and workaround on the flaw.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy