ID CVE-2005-3668
Summary Multiple buffer overflows in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable.
References
Vulnerable Configurations
  • cpe:2.3:a:internet_key_exchange:internet_key_exchange:1
    cpe:2.3:a:internet_key_exchange:internet_key_exchange:1
CVSS
Base: 5.0 (as of 30-11-2005 - 15:44)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-965.NASL
    description The Internet Key Exchange version 1 (IKEv1) implementation in racoon from ipsec-tools, IPsec tools for Linux, try to dereference a NULL pointer under certain conditions which allows a remote attacker to cause a denial of service.
    last seen 2019-01-16
    modified 2018-07-20
    plugin id 22831
    published 2006-10-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=22831
    title Debian DSA-965-1 : ipsec-tools - null dereference
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2006-0267.NASL
    description Updated ipsec-tools packages that fix a bug in racoon are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel and includes racoon, an IKEv1 keying daemon. A denial of service flaw was found in the ipsec-tools racoon daemon. If a victim's machine has racoon configured in a non-recommended insecure manner, it is possible for a remote attacker to crash the racoon daemon. (CVE-2005-3732) Users of ipsec-tools should upgrade to these updated packages, which contain backported patches, and are not vulnerable to these issues.
    last seen 2019-01-16
    modified 2018-11-10
    plugin id 21894
    published 2006-07-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21894
    title CentOS 3 / 4 : ipsec-tools (CESA-2006:0267)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2006-0267.NASL
    description Updated ipsec-tools packages that fix a bug in racoon are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel and includes racoon, an IKEv1 keying daemon. A denial of service flaw was found in the ipsec-tools racoon daemon. If a victim's machine has racoon configured in a non-recommended insecure manner, it is possible for a remote attacker to crash the racoon daemon. (CVE-2005-3732) Users of ipsec-tools should upgrade to these updated packages, which contain backported patches, and are not vulnerable to these issues.
    last seen 2019-01-16
    modified 2018-11-16
    plugin id 21286
    published 2006-04-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=21286
    title RHEL 3 / 4 : ipsec-tools (RHSA-2006:0267)
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_X86_114435.NASL
    description SunOS 5.9_x86: IKE patch. Date this patch was last updated by Sun : Aug/09/10
    last seen 2016-09-26
    modified 2012-06-14
    plugin id 13602
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13602
    title Solaris 9 (x86) : 114435-16
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS9_113451.NASL
    description SunOS 5.9: IKE patch. Date this patch was last updated by Sun : Aug/09/10
    last seen 2016-09-26
    modified 2012-06-14
    plugin id 13538
    published 2004-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13538
    title Solaris 9 (sparc) : 113451-17
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_118371.NASL
    description SunOS 5.10: elfsign patch. Date this patch was last updated by Sun : Apr/16/07
    last seen 2018-09-02
    modified 2018-08-13
    plugin id 20332
    published 2005-12-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20332
    title Solaris 10 (sparc) : 118371-10
  • NASL family Solaris Local Security Checks
    NASL id SOLARIS10_X86_118372.NASL
    description SunOS 5.10_x86: elfsign patch. Date this patch was last updated by Sun : Apr/16/07
    last seen 2018-09-01
    modified 2018-08-13
    plugin id 20333
    published 2005-12-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20333
    title Solaris 10 (x86) : 118372-10
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2006-020.NASL
    description The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in ipsec-tools racoon before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. The updated packages have been patched to correct this problem.
    last seen 2019-01-16
    modified 2018-07-19
    plugin id 20809
    published 2006-01-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=20809
    title Mandrake Linux Security Advisory : ipsec-tools (MDKSA-2006:020)
refmap via4
cert-vn VU#226364
misc
Last major update 05-09-2008 - 16:54
Published 18-11-2005 - 16:03
Back to Top