Sign-up

ID

VAR-200511-0062


CVE

CVE-2005-3733


TITLE

Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations

Trust: 0.8

sources: CERT/CC: VU#226364

DESCRIPTION

The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the “Overview” for the impact of this vulnerability. Juniper's M, T, J and E series routers are all network router products developed by Juniper. The IKE protocol is implemented in the JUNOS and JUNOSe software. Testing of the IKE version 1 phase 1 ISAKMP test suite developed by the Oulu University Security Programming Group (OUSPG) revealed a vulnerability in the IKE protocol implementation in JUNOS and JUNOSe software. By sending specially crafted messages, vulnerable products may exhibit denial of service, format string vulnerabilities, and buffer overflows. In some cases, arbitrary code execution may also be possible. TITLE: Symantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of Service SECUNIA ADVISORY ID: SA17684 VERIFY ADVISORY: http://secunia.com/advisories/17684/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote OPERATING SYSTEM: Symantec Gateway Security 400 Series http://secunia.com/product/6175/ Symantec Gateway Security 300 Series http://secunia.com/product/6176/ Symantec Gateway Security 3.x http://secunia.com/product/6177/ Symantec Gateway Security 2.x http://secunia.com/product/3104/ Symantec Gateway Security 1.x http://secunia.com/product/876/ Symantec Firewall/VPN Appliance 100/200/200R http://secunia.com/product/552/ SOFTWARE: Symantec Enterprise Firewall (SEF) 8.x http://secunia.com/product/3587/ DESCRIPTION: Symantec has acknowledged a vulnerability in various Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA17553 Successful exploitation causes a DoS of the dynamic VPN services. The vulnerability has been reported in the following products. * Symantec Enterprise Firewall version 8.0 (Windows) * Symantec Enterprise Firewall version 8.0 (Solaris) * Symantec Gateway Security 5000 Series version 3.0 * Symantec Gateway Security 5400 version 2.0.1 * Symantec Gateway Security 5310 version 1.0 * Symantec Gateway Security 5200/5300 version 1.0 * Symantec Gateway Security 5100 * Symantec Gateway Security 400 version 2.0 * Symantec Gateway Security 300 version 2.0 * Symantec Firewall /VPN Appliance 200/200R * Symantec Firewall /VPN Appliance 100 SOLUTION: Apply hotfixes. Symantec Enterprise Firewall version 8.0 (Windows): Apply SEF8.0-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html Symantec Enterprise Firewall version 8.0 (Solaris): Apply SEF8.0-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html Symantec Gateway Security 5000 Series version 3.0: Apply SGS3.0-2005114-02. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html Symantec Gateway Security 5400 version 2.0.1: Apply SGS2.0.1-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html Symantec Gateway Security 5310 version 1.0: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html Symantec Gateway Security 5200/5300 version 1.0: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html Symantec Gateway Security 5100: Apply SG7004-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html Symantec Gateway Security 400 version 2.0: Update to build 1103. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html Symantec Gateway Security 300 version 2.0: Update to build 1103. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html Symantec Firewall /VPN Appliance 200/200R: Update to build 1.8F. http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html Symantec Firewall /VPN Appliance 100: Update to build 1.8F. http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.52

sources: NVD: CVE-2005-3733 // CERT/CC: VU#226364 // JVNDB: JVNDB-2005-000686 // VULHUB: VHN-14941 // PACKETSTORM: 41734

AFFECTED PRODUCTS

vendor:junipermodel:junos tscope:lteversion:6.3

Trust: 1.0

vendor:junipermodel:junose mscope:lteversion:6.3.0

Trust: 1.0

vendor:junipermodel:junose escope:lteversion:7.0.0

Trust: 1.0

vendor:junipermodel:junos mscope:lteversion:6.3

Trust: 1.0

vendor:junipermodel:junos jscope:lteversion:6.3

Trust: 1.0

vendor:junipermodel:junose jscope:lteversion:6.3

Trust: 1.0

vendor:junipermodel:junose tscope:lteversion:6.3

Trust: 1.0

vendor:junipermodel:junos escope:lteversion:7.0.0

Trust: 1.0

vendor:check pointmodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:fortinetmodel: - scope: - version: -

Trust: 0.8

vendor:hewlett packardmodel: - scope: - version: -

Trust: 0.8

vendor:necmodel: - scope: - version: -

Trust: 0.8

vendor:nortelmodel: - scope: - version: -

Trust: 0.8

vendor:openswan linux ipsecmodel: - scope: - version: -

Trust: 0.8

vendor:qnxmodel: - scope: - version: -

Trust: 0.8

vendor:stonesoftmodel: - scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel: - scope: - version: -

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:4.0

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:4.0 (x86-64)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:10 (sparc)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:10 (x86)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:9 (sparc)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:9 (x86)

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.2

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.3

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.4

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.0

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.1

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.2

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.3

Trust: 0.8

vendor:ciscomodel:pix/asascope:eqversion:7.0

Trust: 0.8

vendor:symantecmodel:enterprise firewallscope:eqversion:8.0

Trust: 0.8

vendor:junipermodel:screenosscope:eqversion:5.0

Trust: 0.8

vendor:junipermodel:screenosscope:eqversion:5.2

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng with application intelligence (r54)

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng with application intelligence (r55)

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng with application intelligence (r55w)

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.00

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.11

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.23

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:3 (as)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:3 (es)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:3 (ws)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (as)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (es)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (ws)

Trust: 0.8

vendor:junipermodel:junos mscope:eqversion:6.3

Trust: 0.6

vendor:junipermodel:junose mscope:eqversion:6.3.0

Trust: 0.6

vendor:junipermodel:junos tscope:eqversion:6.3

Trust: 0.6

vendor:junipermodel:junose escope:eqversion:7.0.0

Trust: 0.6

vendor:junipermodel:junos jscope:eqversion:6.3

Trust: 0.6

vendor:junipermodel:junose jscope:eqversion:6.3

Trust: 0.6

vendor:junipermodel:junos escope:eqversion:7.0.0

Trust: 0.6

vendor:junipermodel:junose tscope:eqversion:6.3

Trust: 0.6

sources: CERT/CC: VU#226364 // JVNDB: JVNDB-2005-000686 // CNNVD: CNNVD-200511-304 // NVD: CVE-2005-3733

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-3733
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#226364
value: 16.54

Trust: 0.8

NVD: CVE-2005-3733
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200511-304
value: HIGH

Trust: 0.6

VULHUB: VHN-14941
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2005-3733
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-14941
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#226364 // VULHUB: VHN-14941 // JVNDB: JVNDB-2005-000686 // CNNVD: CNNVD-200511-304 // NVD: CVE-2005-3733

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-3733

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200511-304

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200511-304

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2005-000686

PATCH
title:cisco-sa-20051114-ipsecurl:http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml
Trust: 0.8
title:HPSBUX02076url:http://www2.itrc.hp.com/service/cki/docDisplay.do?docId=c00555601
Trust: 0.8
title:HPSBUX02076url:http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/HP-UX/HPSBUX02076.html
Trust: 0.8
title:PSN-2005-11-007url:http://www.juniper.net/support/security/alerts/PSN-2005-11-007.txt
Trust: 0.8
title:AXSA-2006-65:1url:http://www.miraclelinux.com/support/update/list.php?errata_id=362
Trust: 0.8
title:RHSA-2006:0267url:https://rhn.redhat.com/errata/RHSA-2006-0267.html
Trust: 0.8
title:102246url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-1
Trust: 0.8
title:102246url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-3
Trust: 0.8
title:SYM05-025url:http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html
Trust: 0.8
title:cisco-sa-20051114-ipsecurl:http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20051114-ipsec-j.shtml
Trust: 0.8
title:SYM05-025url:http://www.symantec.com/region/jp/avcenter/security/content/2005.11.21.html
Trust: 0.8
title:Top Pageurl:http://www.checkpoint.co.jp/
Trust: 0.8
title:RHSA-2006:0267url:http://www.jp.redhat.com/support/errata/RHSA/RHSA-2006-0267J.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2005-000686

EXTERNAL IDS
db:CERT/CCid:VU#226364
Trust: 3.3
db:NVDid:CVE-2005-3733
Trust: 2.5
db:SECUNIAid:17568
Trust: 1.7
db:SECTRACKid:1015203
Trust: 1.7
db:VUPENid:ADV-2005-2410
Trust: 1.7
db:BIDid:15402
Trust: 1.7
db:SECUNIAid:17621
Trust: 1.6
db:SECUNIAid:17684
Trust: 0.9
db:SECUNIAid:17663
Trust: 0.8
db:SECUNIAid:17838
Trust: 0.8
db:SECUNIAid:17553
Trust: 0.8
db:SECUNIAid:17608
Trust: 0.8
db:SECUNIAid:17668
Trust: 0.8
db:AUSCERTid:ESB-2005.0924
Trust: 0.8
db:BIDid:17902
Trust: 0.8
db:JVNDBid:JVNDB-2005-000686
Trust: 0.8
db:CNNVDid:CNNVD-200511-304
Trust: 0.7
db:VULHUBid:VHN-14941
Trust: 0.1
db:PACKETSTORMid:41734
Trust: 0.1
sources:
            
            
            CERT/CC: VU#226364 // 
            
            
            
            VULHUB: VHN-14941 // 
            
            
            
            JVNDB: JVNDB-2005-000686 // 
            
            
            
            PACKETSTORM: 41734 // 
            
            
            
            CNNVD: CNNVD-200511-304 // 
            
            
            
            NVD: CVE-2005-3733

REFERENCES
url:http://jvn.jp/niscc/niscc-273756/index.html
Trust: 3.3
url:http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en
Trust: 2.5
url:http://www.kb.cert.org/vuls/id/226364
Trust: 2.5
url:http://www.securityfocus.com/bid/15402
Trust: 1.7
url:http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
Trust: 1.7
url:http://securitytracker.com/id?1015203
Trust: 1.7
url:http://secunia.com/advisories/17568
Trust: 1.7
url:http://secunia.com/advisories/17621/
Trust: 1.6
url:http://www.vupen.com/english/advisories/2005/2410
Trust: 1.1
url:http://secunia.com/advisories/17553/
Trust: 0.9
url:http://secunia.com/advisories/17684/
Trust: 0.9
url:http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp
Trust: 0.8
url:http://www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-82.htm
Trust: 0.8
url:http://www.auscert.org.au/5748
Trust: 0.8
url:http://secunia.com/advisories/17608/
Trust: 0.8
url:http://secunia.com/advisories/17668/
Trust: 0.8
url:http://secunia.com/advisories/17663/
Trust: 0.8
url:http://secunia.com/advisories/17838/
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3733
Trust: 0.8
url:http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20051114-01014.xml
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-3733
Trust: 0.8
url:http://www.cpni.gov.uk/docs/re-20051114-01014.pdf?lang=en
Trust: 0.8
url:http://www.securityfocus.com/bid/17902
Trust: 0.8
url:http://www.cyberpolice.go.jp/important/2005/20051118_193244.html
Trust: 0.8
url:http://www.frsirt.com/english/advisories/2005/2410
Trust: 0.6
url:http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/product/3104/
Trust: 0.1
url:http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html
Trust: 0.1
url:http://secunia.com/product/6177/
Trust: 0.1
url:http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html
Trust: 0.1
url:http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html
Trust: 0.1
url:http://secunia.com/product/3587/
Trust: 0.1
url:http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html
Trust: 0.1
url:http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
url:http://secunia.com/product/6175/
Trust: 0.1
url:http://secunia.com/product/6176/
Trust: 0.1
url:http://secunia.com/product/552/
Trust: 0.1
url:http://securityresponse.symantec.com/avcenter/security/content/2005.11.21.html
Trust: 0.1
url:http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html
Trust: 0.1
url:http://secunia.com/product/876/
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html
Trust: 0.1
url:http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html
Trust: 0.1
url:http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html
Trust: 0.1
url:http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html
Trust: 0.1
sources:
            
            
            CERT/CC: VU#226364 // 
            
            
            
            VULHUB: VHN-14941 // 
            
            
            
            JVNDB: JVNDB-2005-000686 // 
            
            
            
            PACKETSTORM: 41734 // 
            
            
            
            CNNVD: CNNVD-200511-304 // 
            
            
            
            NVD: CVE-2005-3733

CREDITS
NISCC albatross@tim.it
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200511-304

SOURCES
db:CERT/CCid:VU#226364
db:VULHUBid:VHN-14941
db:JVNDBid:JVNDB-2005-000686
db:PACKETSTORMid:41734
db:CNNVDid:CNNVD-200511-304
db:NVDid:CVE-2005-3733

LAST UPDATE DATE
2025-01-14T22:10:28.202000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#226364date:2006-01-03T00:00:00
db:VULHUBid:VHN-14941date:2011-03-08T00:00:00
db:JVNDBid:JVNDB-2005-000686date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200511-304date:2006-09-20T00:00:00
db:NVDid:CVE-2005-3733date:2024-11-21T00:02:32.900

SOURCES RELEASE DATE
db:CERT/CCid:VU#226364date:2005-11-17T00:00:00
db:VULHUBid:VHN-14941date:2005-11-21T00:00:00
db:JVNDBid:JVNDB-2005-000686date:2007-04-01T00:00:00
db:PACKETSTORMid:41734date:2005-11-22T18:19:46
db:CNNVDid:CNNVD-200511-304date:2005-11-21T00:00:00
db:NVDid:CVE-2005-3733date:2005-11-21T23:03:00