Attackers could exploit a major flaw in the Internet Protocol Security [IPsec] framework to obtain the plaintext version of IPsec-protected communications "using only moderate effort," the British-based National Infrastructure Security Co-Ordination Centre [NISCC] warned in an advisory.

"These are very significant issues and need to be addressed quickly by people using IPsec," Ed Skoudis, a handler for the Bethesda, Md.-based SANS Internet Storm Center [ISC] and co-founder of Washington, D.C.-based security consultancy Intel Guardians, said by e-mail. "This is really big."

NISCC said three attacks that apply to certain configurations of IPsec have been identified. "These configurations use Encapsulating Security Payload [ESP] in tunnel mode with confidentiality only, or with integrity protection being provided by a higher layer protocol," the advisory said, adding that certain configurations using the Authentication Header [AH] are also vulnerable.

The link for this article located at SearchSecurity is no longer available.