ID CVE-2008-1198
Summary The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash.
References
Vulnerable Configurations
  • cpe:2.3:a:red_hat:enterprise_linux:4:*:*:*:*:*:*:*
    cpe:2.3:a:red_hat:enterprise_linux:4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
CVSS
Base: 7.1 (as of 06-01-2018 - 02:29)
Impact:
Exploitability:
CWE CWE-16
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE NONE NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:N/A:N
redhat via4
advisories
bugzilla
id 679998
title [REG][5.6] rm command reports an error message during system booting.
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331005
    • comment initscripts is earlier than 0:8.45.42-1.el5
      oval oval:com.redhat.rhsa:tst:20120312001
    • comment initscripts is signed with Red Hat redhatrelease key
      oval oval:com.redhat.rhsa:tst:20120312002
rhsa
id RHSA-2012:0312
released 2012-02-21
severity Low
title RHSA-2012:0312: initscripts security and bug fix update (Low)
rpms
  • initscripts-0:8.45.42-1.el5
  • initscripts-debuginfo-0:8.45.42-1.el5
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=435274
misc http://www.ernw.de/download/pskattack.pdf
sectrack 1019563
secunia 48045
xf ipsec-ifup-weak-security(41053)
statements via4
contributor Mark J Cox
lastmodified 2008-03-07
organization Red Hat
statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-1198 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
Last major update 06-01-2018 - 02:29
Published 06-03-2008 - 21:44
Last modified 06-01-2018 - 02:29
Back to Top