1. CVE-Search
  2. CVE-2005-3768
ID CVE-2005-3768
Summary Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*
    cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*
  • cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows:*:*:*:*:*
    cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows:*:*:*:*:*
  • cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*
    cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*
  • cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*
    cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*
  • cpe:2.3:h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:*
    cpe:2.3:h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:*
  • cpe:2.3:h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:*
    cpe:2.3:h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:*
  • cpe:2.3:h:symantec:gateway_security_5000_series:3.0:*:*:*:*:*:*:*
    cpe:2.3:h:symantec:gateway_security_5000_series:3.0:*:*:*:*:*:*:*
  • cpe:2.3:h:symantec:gateway_security_5100:*:*:*:*:*:*:*:*
    cpe:2.3:h:symantec:gateway_security_5100:*:*:*:*:*:*:*:*
  • cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*
    cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*
  • cpe:2.3:h:symantec:gateway_security_5310:1.0:*:*:*:*:*:*:*
    cpe:2.3:h:symantec:gateway_security_5310:1.0:*:*:*:*:*:*:*
  • cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*
    cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 08-03-2011 - 02:27)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
confirm http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html
sectrack
  • 1015247
  • 1015248
  • 1015249
secunia 17684
vupen ADV-2005-2517
Last major update 08-03-2011 - 02:27
Published 23-11-2005 - 00:03
Last modified 08-03-2011 - 02:27
Back to Top