{"vuid":"VU#830214","idnumber":"830214","name":"Nortel Networks Contivity VPN Client information leakage vulnerability","keywords":["Nortel Networks","Contivity VPN Client","information leakage","IKE"],"overview":"The Nortel Networks Contivity VPN Client authentication error message provide additional information that may be useful to an attacker.","clean_desc":"The Nortel Networks Contivity VPN Client software provides an encrypted and authenticated VPN connection from a client system to a Nortel Contivity VPN switch or gateway. The method that the software uses for reporting error messages may leak information that would be of use to an attacker. If a valid user name and an invalid password are given, the Contivity VPN Client displays \"Login Failure due to: authentication failure\". However, if an invalid user name is given, the Contivity VPN Client displays \"Login Failed: Please verify the entered login information is correct\". As a result, an attacker with the ability to observe the authentication error messages may be able to determine valid usernames on the corresponding server system. This information could further enable brute force or dictionary-based password guessing attacks.","impact":"An attacker with the ability to observe the authentication error messages would be able to determine valid user names in the system.","resolution":"Upgrade the affected software Nortel Networks has published an updated version of the Contivity VPN client software to address this issue. Please see the Systems Affected section of this document for more information.","workarounds":"","sysaffected":"","thanks":"Thanks to K. K. Mookhey of \nNetwork Intelligence India\n for reporting this vulnerability.","author":"This document was written by Chad R Dougherty based on information provided by Nortel Networks.","public":["h","t","t","p",":","/","/","w","w","w",".","n","i","i",".","c","o",".","i","n","/","v","u","l","n","/","c","o","n","t","i","v","i","t","y",".","h","t","m","l"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2004-06-21T15:18:22Z","publicdate":"2004-10-18T00:00:00Z","datefirstpublished":"2004-11-08T16:25:39Z","dateupdated":"2004-11-08T16:25:46Z","revision":11,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"13","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"6","cam_impact":"8","cam_easeofexploitation":"4","cam_attackeraccessrequired":"10","cam_scorecurrent":"0.648","cam_scorecurrentwidelyknown":"0.9","cam_scorecurrentwidelyknownexploited":"1.62","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":0.648,"vulnote":null}