Revision as of 00:34, 20 October 2011 edit Ringbang (talk \| contribs) Autopatrolled, Extended confirmed users, Pending changes reviewers, Rollbackers 22,750 edits →Security: password storage ← Previous edit		Revision as of 15:02, 10 December 2011 edit undo John of Reading (talk \| contribs) Autopatrolled, Extended confirmed users, Pending changes reviewers 787,577 edits m →Security: Typo fixing, replaced: To workaround → To work around using AWB Next edit →
Line 38: == Security == The client uses profile files (*.pcf) that store VPN passwords either [[Cryptographic hash function\|hashed]] with [[type 7]], or stored as [[cleartext]]. A vulnerability has been identified,<ref name="cSec">{{cite web\|url=http://www.cisco.com/warp/public/707/cisco-sn-20040415-grppass.shtml\|title=Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability}}</ref> and those passwords can easily be decoded using software or online services.<ref>{{cite web\|url=http://www.unix-ag.uni-kl.de/~massar/bin/cisco-decode\|title=Cisco Systems VPN Client Group Password Decoder}}</ref> To ~~workaround~~work around these issues, network administrators are advised to use the Mutual Group Authentication feature, or use unique passwords (that aren't related to other important network passwords).<ref name="cSec"/> == References ==

Cisco Systems VPN Client: Difference between revisions