Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3732

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2005-3732
Last Modified 16 Aug 2013 01:08:52
Published 21 Nov 2005 05:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3732

Summary

The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

Vulnerable Systems

Application

  • Ipsec-tools 0.5

  • Ipsec-tools 0.5.1

  • Ipsec-tools 0.5.2

  • Ipsec-tools 0.6

  • Ipsec-tools 0.6.1

  • Ipsec-tools 0.6.2


References

BID - 15523

SECUNIA - 17668

MISC - http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3&r2=1.20.2.4&diff_format=u

VUPEN - ADV-2005-2521

UBUNTU - USN-221-1

FEDORA - FLSA-2006:190941

SUSE - SUSE-SA:2005:070

MISC - http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en

MANDRIVA - MDKSA-2006:020

GENTOO - GLSA-200512-04

MISC - http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/

DEBIAN - DSA-965

MLIST - [ipsec-tools-devel] 20051120 Potential DoS fixed in ipsec-tools

SECTRACK - 1015254

SECUNIA - 20210

SECUNIA - 19833

SECUNIA - 18742

SECUNIA - 18616

SECUNIA - 18115

SECUNIA - 17980

SECUNIA - 17822

REDHAT - RHSA-2006:0267

BUGTRAQ - 20051214 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation

SGI - 20060501-01-U


Last Updated: 27 May 2016 10:41:02