Flaw found in Nortel's VPN client

Networks company Nortel is returning to the drawing board today after a security researcher claimed to have found a vulnerability in its virtual private network (VPN) software.

Security experts at NTA Monitor say that version 5.01 of Nortel's Contivity VPN client for Windows is flawed because it gives users the option of saving their VPN username and password on the computer from which they access the VPN. A hacker who gained access to the machine could find this information and then log onto the corporate network. Although the software stores the password in an encrypted format in the registry, it also stores an unencrypted copy in other places on the hard drive, NTA Monitor said.

"In my definition, I'd say this is a vulnerability," said Roy Hills, technical director for NTA Monitor. "If someone gets these details, it's a big problem, but it's a lot of effort, so let's not go overboard on this."

Nortel has acknowledged that it is unwise for users to save VPN passwords in this way, even though its software gives people this option.

"If you save your password in a VPN client, that is insecure," said a Nortel spokesman. "There is the option to save the password, but someone has to have access to your PC. It's something we plan to resolve. We don’t believe this to be a major problem."

Hills's team of researchers discovered the problem in October and passed full details over to Nortel four weeks ago. Hills said that Nortel failed to respond to warnings that it could have a problem and only contacted NTA Monitor today after being contacted by ZDNet UK.