ID CVE-2005-1058
Summary Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2 negotiations.
References
Vulnerable Configurations
  • Cisco IOS 12.2T
    cpe:2.3:o:cisco:ios:12.2t
  • Cisco IOS 12.3
    cpe:2.3:o:cisco:ios:12.3
  • Cisco IOS 12.3T
    cpe:2.3:o:cisco:ios:12.3t
CVSS
Base: 7.5 (as of 14-06-2005 - 11:38)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family CISCO
    NASL id CISCO-SA-20050406-XAUTH.NASL
    description Cisco Internetwork Operating System (IOS) Software release trains 12.2T, 12.3 and 12.3T may contain vulnerabilities in processing certain Internet Key Exchange (IKE) Xauth messages when configured to be an Easy VPN Server. Successful exploitation of these vulnerabilities may permit an unauthorized user to complete authentication and potentially access network resources.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 48984
    published 2010-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48984
    title Vulnerabilities in the Internet Key Exchange Xauth Implementation - Cisco Systems
  • NASL family CISCO
    NASL id CSCEG00277.NASL
    description The remote version of IOS contains a feature called 'Easy VPN Server' that allows the administrator of the remote router to create a lightweight VPN server. There is an implementation flaw in the remote version of this software that could allow an authorized user to complete authentication and access the VPN remotely.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 17986
    published 2005-04-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=17986
    title Cisco IOS IKE XAUTH ISAKMP IPSec SA Establish Authentication Bypass (CSCeg00277)
oval via4
accepted 2008-09-08T04:00:40.957-04:00
class vulnerability
contributors
name Yuzheng Zhou
organization Hewlett-Packard
description Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2 negotiations.
family ios
id oval:org.mitre.oval:def:5738
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Cisco Systems IOS Unauthorized IPSec SA Vulnerability
version 4
refmap via4
cisco 20050406 Vulnerabilities in the Internet Key Exchange Xauth Implementation
Last major update 04-03-2009 - 00:32
Published 02-05-2005 - 00:00
Last modified 10-10-2017 - 21:30
Back to Top