ID CVE-2005-3732
Summary The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
References
Vulnerable Configurations
  • cpe:2.3:a:ipsec-tools:ipsec-tools:0.5:*:*:*:*:*:*:*
    cpe:2.3:a:ipsec-tools:ipsec-tools:0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ipsec-tools:ipsec-tools:0.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:ipsec-tools:ipsec-tools:0.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ipsec-tools:ipsec-tools:0.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:ipsec-tools:ipsec-tools:0.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ipsec-tools:ipsec-tools:0.6:*:*:*:*:*:*:*
    cpe:2.3:a:ipsec-tools:ipsec-tools:0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.2:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 19-10-2018 - 15:38)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
oval via4
accepted 2013-04-29T04:22:48.577-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
family unix
id oval:org.mitre.oval:def:9857
status accepted
submitted 2010-07-09T03:56:16-04:00
title The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
version 23
redhat via4
advisories
bugzilla
id 181605
title CVE-2005-3732 ipsec-tools IKE DoS
oval
OR
  • AND
    comment Red Hat Enterprise Linux 3 is installed
    oval oval:com.redhat.rhba:tst:20070026001
  • AND
    comment Red Hat Enterprise Linux 4 is installed
    oval oval:com.redhat.rhba:tst:20070304001
rhsa
id RHSA-2006:0267
released 2006-04-25
severity Moderate
title RHSA-2006:0267: ipsec-tools security update (Moderate)
refmap via4
bid 15523
bugtraq 20051214 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation
debian DSA-965
fedora FLSA-2006:190941
gentoo GLSA-200512-04
mandriva MDKSA-2006:020
misc
mlist [ipsec-tools-devel] 20051120 Potential DoS fixed in ipsec-tools
sectrack 1015254
secunia
  • 17668
  • 17822
  • 17980
  • 18115
  • 18616
  • 18742
  • 19833
  • 20210
sgi 20060501-01-U
suse SUSE-SA:2005:070
ubuntu USN-221-1
vupen ADV-2005-2521
Last major update 19-10-2018 - 15:38
Published 21-11-2005 - 22:03
Back to Top