IKE Aggressive Mode Downgrade Attack?

[Melchior Limacher <mli () protect7 com>]

Hello


I was reading about "ike aggressive mode with pre shared key" (CVE-2002-1623).

As described by cisco (http://www.cisco.com/en/US/tech/tk583/tk372/technologies_security_notice09186a008016b57f.html), 
this is still an issue
"When responding to IPSec session initialization, Cisco IOS(r) software
may use Aggressive Mode even if it has not been explicitly configured
to do so. Cisco IOS software initially tries to negotiate using Main
Mode but, failing that, resorts to Aggressive Mode."

Are there known downgrade attacks? Counter-Measures?

Thanks for your feedback and regards,
mli

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/