Users of Symantec's Enterprise Firewall warned of security risk


Users of Symantec's Enterprise Firewall warned of security risk

Cliff Saran

Businesses using Symantec's Enterprise Firewall have been warned of a new security risk that could enable a hacker to login to a company's network. NTA Monitor said that if the firewall is configured for remote access (client-to-gateway) virtual private network (VPN) using pre-shared key (PSK) authentication, it would respond differently to valid and invalid usernames.

It is also possible to use this vulnerability to enumerate valid users on the system, either by brute-force or by trying likely usernames, NTA Monitor warned.

Roy Hills, Technical Director at NTA Monitor, found the flaw andsaid, "There are two particularly interesting points to bear in mind when discussing this flaw - firstly, this type of flaw has been known about for almost 30 years and secondly, Symantec is not the only vendor to suffer from this problem." NTA Monitor said it has encountered a similar problem in equipment from Cisco and CheckPoint.

Symantec has issued an advisory and workaround on the flaw.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

COMMENTS powered by Disqus  //  Commenting policy