Dear Shrew support team,
We are planning to use your software VPN client in our company, but we need to 
follow our security procedures. For that reason, I would like to ask about a 
few topics regarding your software. Please take a look at the questions below and 
let us know your comments.
Thank you very much in advance.

3) Please let us know if split tunneling is disabled
4) Please let us know if the Shrew VPN Client is licensed software. If yes, 
then please provide a vendor confirmation mail that the security risk below has been 
mitigated by appropriate security fixes/patches.
Risk
1) For the Shrew VPN client, CVE-2010-3361 identified a CVSS score of 6.9.
It defines that the (1) iked, (2) ikea and (3) ikec scripts in Shrew Soft IKE 2.1.5 
would place a zero-length directory name in the LD_LIBRARY_PATH, which allows 
local users to gain privileges via a Trojan horse shared library in the current 
working directory.
2) For the Shrew VPN client OS
weak_phase1_check (on | off);
Tells racoon to act on unencrypted deletion messages for phase 1. This is a 
small security risk, so the default is off, meaning that racoon will keep on 
trying to establish a connection even if the user credentials are wrong, for 
instance.


Pozdrawiam/Best regards
Arkadiusz Kucharski
EMEA Data Network Engineer
NOS - Network Engineering and Deployment
Accenture Services Sp. z o.o.

_______________________________________________
vpn-help mailing list
[email protected]
https://lists.shrew.net/mailman/listinfo/vpn-help
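
The zero-length LD_LIBRARY_PATH entry described under CVE-2010-3361 above can be checked for mechanically. The following is an added example, not part of the original message and not Shrew Soft code; the function names and the directory /usr/lib/ike are constructed for illustration.

```shell
#!/bin/sh
# Added example: detect and avoid zero-length LD_LIBRARY_PATH entries.
# All names and paths here are constructed, not taken from Shrew Soft's scripts.

# Return 0 if the colon-separated search path in $1 has an empty element.
# The dynamic loader resolves an empty element to the current directory.
has_empty_entry() {
    case "$1" in
        "")          return 1 ;;  # wholly empty value: no search path set
        :*|*:|*::*)  return 0 ;;  # leading, trailing or doubled colon
        *)           return 1 ;;
    esac
}

# Unsafe wrapper idiom: always joins with ':' even when the old value is empty.
unsafe_prepend() {   # $1 = directory to add, $2 = existing value
    printf '%s\n' "$1:$2"
}

# Safe idiom: emit the separator only when the old value is non-empty.
safe_prepend() {
    printf '%s\n' "$1${2:+:$2}"
}

# Hardening helper: drop every empty element from an inherited value.
# Runs in a subshell so the IFS and globbing changes do not leak out.
strip_empty_entries() (
    set -f
    IFS=:
    out=
    for d in $1; do
        if [ -n "$d" ]; then out="${out:+$out:}$d"; fi
    done
    printf '%s\n' "$out"
)

# Demonstration with LD_LIBRARY_PATH initially unset (constructed input).
for idiom in unsafe_prepend safe_prepend; do
    value=$($idiom /usr/lib/ike "")
    if has_empty_entry "$value"; then
        echo "$idiom: '$value' searches the current directory"
    else
        echo "$idiom: '$value' is clean"
    fi
done
```

Running `has_empty_entry "$LD_LIBRARY_PATH"` at the top of a launcher script, or passing the inherited value through `strip_empty_entries`, covers values set by a parent process as well.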
