CVE-2001-0376

Name of the Vulnerable Software and Affected Versions SonicWALL Tele2 and SOHO firewalls version 6.0.0.0

Description The issue concerns the use of IPSEC with IKE pre-shared keys in SonicWALL Tele2 and SOHO firewalls. These firewalls do not support the full 128 byte IKE pre-shared keys as intended, instead only supporting 48 byte keys. This limitation allows a remote attacker to perform a brute force attack on the pre-shared keys with significantly less resources than would be required if the full 128 byte keys were used.

Recommendations For SonicWALL Tele2 and SOHO firewalls version 6.0.0.0, consider using alternative security measures to mitigate the risk of brute force attacks on the pre-shared keys, such as implementing additional authentication mechanisms or restricting access to the firewall. At the moment, there is no information about a newer version that contains a fix for this vulnerability.