CVE-2006-1646 - The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in the Shoichi Sakane KAME

CVE-2006-1646

Summary

The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in the Shoichi Sakane KAME Project racoon, as used by NetBSD 1.6, 2.x before 20060119, certain FreeBSD releases, and possibly other distributions of BSD or Linux operating systems, when running in aggressive mode, allows remote attackers to cause a denial of service (daemon crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

References

Vulnerable Configurations

cpe:2.3:a:internet_key_exchange:internet_key_exchange:1:*:*:*:*:*:*:*
cpe:2.3:a:internet_key_exchange:internet_key_exchange:1:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 05-09-2008 - 21:02)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

confirm	http://mail-index.netbsd.org/source-changes/2006/01/19/0017.html
misc	http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/ http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en
netbsd	NetBSD-SA2006-003
secunia	19463

Last major update

05-09-2008 - 21:02

Published

06-04-2006 - 10:04

Last modified

05-09-2008 - 21:02