[Openswan Users] FW: NISCC Vulnerability Advisory IPSEC - 004033
mcr at xelerance.com
Mon May 9 19:58:28 CEST 2005
>>>>> "Paul" == Paul Wouters <paul at xelerance.com> writes:
>>> Abstract: Three attacks that apply to certain configurations of
>>> IPsec have been identified. These configurations use
>>> Encapsulating Security Payload (ESP) in tunnel mode with
>>> confidentiality only, or with
Paul> All normal configurations should always be using both
Paul> confidentiality and authentication.
>>> integrity protection being provided by a higher layer
>>> protocol. Some configurations using AH to provide integrity
>>> protection are also vulnerable.
Paul> AH is not really used at all. In fact, we recommend people
Paul> still use ESP (and not AH or ESP NULL) even if they trust the
Paul> encryption in other layers (e.g. WEP or WPA), which they should
Paul> not.
"higher layer" implies "TCP" to me.
Paul> Perhaps Michael can give a more detailed answer,
No, neither NISCC nor CERT have replied to my emails.
Where is the full text of the advisory?
- --
] Michael Richardson Xelerance Corporation, Ottawa, ON | firewalls [
] mcr @ xelerance.com Now doing IPsec training, see |net architect[
] http://www.sandelman.ca/mcr/ www.xelerance.com/training/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [