CVE-2005-2640

Name of the Vulnerable Software and Affected Versions Juniper Netscreen VPN version 5.2.0 and earlier

Description A behavioral discrepancy information leak occurs when using IKE with pre-shared key authentication, allowing remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet. This packet generates a response if the username is valid but does not respond when the username is invalid.

Recommendations For Juniper Netscreen VPN version 5.2.0 and earlier, consider disabling IKE Aggressive Mode as a temporary workaround until a patch is available. Restrict access to the VPN to minimize the risk of exploitation. Avoid using pre-shared key authentication in IKE until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.