ID CVE-2008-1198
Summary The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash.
References
Vulnerable Configurations
  • cpe:2.3:a:red_hat:enterprise_linux:4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
CVSS
Base: 7.1 (as of 06-01-2018 - 02:29)
Impact:
Exploitability:
CWE CWE-16
CAPEC
Access
  • Vector NETWORK
  • Complexity MEDIUM
  • Authentication NONE
Impact
  • Confidentiality COMPLETE
  • Integrity NONE
  • Availability NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:N/A:N
redhat via4
advisories
bugzilla
id 679998
title [REG][5.6] rm command reports an error message during system booting.
oval
AND
  • comment Red Hat Enterprise Linux 5 is installed
    oval oval:com.redhat.rhba:tst:20070331001
  • comment initscripts is earlier than 0:8.45.42-1.el5
    oval oval:com.redhat.rhsa:tst:20120312002
  • comment initscripts is signed with Red Hat redhatrelease key
    oval oval:com.redhat.rhsa:tst:20120312003
rhsa
id RHSA-2012:0312
released 2012-02-21
severity Low
title RHSA-2012:0312: initscripts security and bug fix update (Low)
rpms initscripts-0:8.45.42-1.el5
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=435274
misc http://www.ernw.de/download/pskattack.pdf
sectrack 1019563
secunia 48045
xf ipsec-ifup-weak-security(41053)
statements via4
contributor Mark J Cox
lastmodified 2008-03-07
organization Red Hat
statement Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-1198 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
Last major update 06-01-2018 - 02:29
Published 06-03-2008 - 21:44