'Serious vulnerability' found in Nortel VPNs
Published: 01 Jun 2005 09:30 BST
A security research company is warning Nortel customers to upgrade their VPN routers after it found a serious vulnerability in them.
The DoS vulnerability enables hackers to crash IPSec VPN machines using a specially designed UDP packet. NTA Monitor said it would withhold details of the vulnerability because it is so dangerous.
Roy Hills, technical director of NTA Monitor said: "We believe this is a serious vulnerability. It's possible to identify Nortel VPN routers using UDP backoff fingerprinting and an attacker only needs to send a single, small UDP packet to identify the remote systems. We have determined that it's possible for an attacker with modest resources to scan the entire routed Internet address space within a few weeks and thus find all of the Nortel VPN router systems."
The attack also requires only a small piece of code to bring down thousands of machines at the same time: "This packet is less than 300 bytes in size, so an attacker with a 64Kb line could keep more than 7,000 Nortel VPN systems offline continuously, and someone with a 2Mb line has the potential to keep almost a quarter of a million systems offline."
NTA is urging companies to install a software patch that was issued by Nortel on Friday.
Nortel was not available for comment.
In March, NTA found a password flaw in Nortel's Contivity VPN client for Microsoft Windows.
Did you find this article useful?
106 out of 203 people found this useful
Digg
Slashdot
Del.ici.ous
Stumble
Reddit
