Sign-up

ID

VAR-200511-0111


CVE

CVE-2005-3667


TITLE

Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations

Trust: 0.8

sources: CERT/CC: VU#226364

DESCRIPTION

Multiple unspecified vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable. In addition, since "denial of service" is an impact and not a vulnerability, it is unknown which underlying vulnerabilities are actually covered by this particular candidate. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the “Overview” for the impact of this vulnerability. TITLE: IPsec-Tools ISAKMP IKE Message Processing Denial of Service SECUNIA ADVISORY ID: SA17668 VERIFY ADVISORY: http://secunia.com/advisories/17668/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote SOFTWARE: IPsec-Tools 0.x http://secunia.com/product/3352/ DESCRIPTION: A vulnerability has been reported in IPsec-Tools, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereferencing error when processing certain ISAKMP packets in aggressive mode. The vulnerability is related to: SA17553 Successful exploitation requires a weak racoon configuration (e.g. no lifetime proposal or obey mode), and using 3DES/SHA1/DH2. SOLUTION: Update to version 0.6.3. http://sourceforge.net/project/showfiles.php?group_id=74601&package_id=74949&release_id=372605 PROVIDED AND/OR DISCOVERED BY: The vendor credits Adrian Portelli. ORIGINAL ADVISORY: http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000 http://sourceforge.net/project/shownotes.php?release_id=372605&group_id=74601 OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.7

sources: NVD: CVE-2005-3667 // CERT/CC: VU#226364 // JVNDB: JVNDB-2005-000679 // BID: 89220 // PACKETSTORM: 41739

AFFECTED PRODUCTS

vendor:internet key exchangemodel:internet key exchangescope:eqversion:1

Trust: 1.6

vendor:check pointmodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:fortinetmodel: - scope: - version: -

Trust: 0.8

vendor:hewlett packardmodel: - scope: - version: -

Trust: 0.8

vendor:necmodel: - scope: - version: -

Trust: 0.8

vendor:nortelmodel: - scope: - version: -

Trust: 0.8

vendor:openswan linux ipsecmodel: - scope: - version: -

Trust: 0.8

vendor:qnxmodel: - scope: - version: -

Trust: 0.8

vendor:stonesoftmodel: - scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel: - scope: - version: -

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:4.0

Trust: 0.8

vendor:cybertrustmodel:asianux serverscope:eqversion:4.0 (x86-64)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:10 (sparc)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:10 (x86)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:9 (sparc)

Trust: 0.8

vendor:sun microsystemsmodel:solarisscope:eqversion:9 (x86)

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.2

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.3

Trust: 0.8

vendor:ciscomodel:iosscope:eqversion:12.4

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.0

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.1

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.2

Trust: 0.8

vendor:ciscomodel:pix firewallscope:eqversion:6.3

Trust: 0.8

vendor:ciscomodel:pix/asascope:eqversion:7.0

Trust: 0.8

vendor:symantecmodel:enterprise firewallscope:eqversion:8.0

Trust: 0.8

vendor:junipermodel:screenosscope:eqversion:5.0

Trust: 0.8

vendor:junipermodel:screenosscope:eqversion:5.2

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng with application intelligence (r54)

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng with application intelligence (r55)

Trust: 0.8

vendor:check pointmodel:vpn-1/firewall-1scope:eqversion:ng with application intelligence (r55w)

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.00

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.11

Trust: 0.8

vendor:hewlett packardmodel:hp-uxscope:eqversion:11.23

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:3 (as)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:3 (es)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:3 (ws)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (as)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (es)

Trust: 0.8

vendor:red hatmodel:enterprise linuxscope:eqversion:4 (ws)

Trust: 0.8

vendor:internetmodel:key exchange internet key exchangescope:eqversion:1

Trust: 0.3

sources: CERT/CC: VU#226364 // BID: 89220 // JVNDB: JVNDB-2005-000679 // CNNVD: CNNVD-200511-262 // NVD: CVE-2005-3667

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2005-3667
value: MEDIUM

Trust: 1.8

CARNEGIE MELLON: VU#226364
value: 16.54

Trust: 0.8

CNNVD: CNNVD-200511-262
value: MEDIUM

Trust: 0.6

NVD: CVE-2005-3667
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: FALSE
version: 2.0

Trust: 1.8

sources: CERT/CC: VU#226364 // JVNDB: JVNDB-2005-000679 // CNNVD: CNNVD-200511-262 // NVD: CVE-2005-3667

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-3667

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200511-262

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200511-262

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2005-3667

PATCH
title:cisco-sa-20051114-ipsecurl:http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml
Trust: 0.8
title:HPSBUX02076url:http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00555601
Trust: 0.8
title:HPSBUX02076url:http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02076.html
Trust: 0.8
title:PSN-2005-11-007url:http://www.juniper.net/support/security/alerts/psn-2005-11-007.txt
Trust: 0.8
title:AXSA-2006-65:1url:http://www.miraclelinux.com/support/update/list.php?errata_id=362
Trust: 0.8
title:RHSA-2006:0267url:https://rhn.redhat.com/errata/rhsa-2006-0267.html
Trust: 0.8
title:102246url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-1
Trust: 0.8
title:102246url:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-3
Trust: 0.8
title:SYM05-025url:http://securityresponse.symantec.com/avcenter/security/content/2005.11.21.html
Trust: 0.8
title:cisco-sa-20051114-ipsecurl:http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20051114-ipsec-j.shtml
Trust: 0.8
title:SYM05-025url:http://www.symantec.com/region/jp/avcenter/security/content/2005.11.21.html
Trust: 0.8
title:Top Pageurl:http://www.checkpoint.co.jp/
Trust: 0.8
title:RHSA-2006:0267url:http://www.jp.redhat.com/support/errata/rhsa/rhsa-2006-0267j.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2005-000679

EXTERNAL IDS
db:CERT/CCid:VU#226364
Trust: 3.5
db:NVDid:CVE-2005-3667
Trust: 2.7
db:SECUNIAid:17621
Trust: 1.6
db:SECUNIAid:17553
Trust: 1.6
db:SECUNIAid:17668
Trust: 0.9
db:SECUNIAid:17663
Trust: 0.8
db:SECUNIAid:17838
Trust: 0.8
db:SECUNIAid:17608
Trust: 0.8
db:SECUNIAid:17684
Trust: 0.8
db:AUSCERTid:ESB-2005.0924
Trust: 0.8
db:BIDid:17902
Trust: 0.8
db:JVNDBid:JVNDB-2005-000679
Trust: 0.8
db:CNNVDid:CNNVD-200511-262
Trust: 0.6
db:BIDid:89220
Trust: 0.3
db:PACKETSTORMid:41739
Trust: 0.1
sources:
            
            
            CERT/CC: VU#226364 // 
            
            
            
            BID: 89220 // 
            
            
            
            JVNDB: JVNDB-2005-000679 // 
            
            
            
            PACKETSTORM: 41739 // 
            
            
            
            CNNVD: CNNVD-200511-262 // 
            
            
            
            NVD: CVE-2005-3667

REFERENCES
url:http://jvn.jp/niscc/niscc-273756/index.html
Trust: 3.5
url:http://www.kb.cert.org/vuls/id/226364
Trust: 2.7
url:http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en
Trust: 1.9
url:http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
Trust: 1.9
url:http://secunia.com/advisories/17553/
Trust: 1.7
url:http://secunia.com/advisories/17621/
Trust: 1.6
url:http://secunia.com/advisories/17668/
Trust: 0.9
url:http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp
Trust: 0.8
url:http://www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-82.htm
Trust: 0.8
url:http://www.auscert.org.au/5748
Trust: 0.8
url:http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en
Trust: 0.8
url:http://secunia.com/advisories/17608/
Trust: 0.8
url:http://secunia.com/advisories/17684/
Trust: 0.8
url:http://secunia.com/advisories/17663/
Trust: 0.8
url:http://secunia.com/advisories/17838/
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3667
Trust: 0.8
url:http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20051114-01014.xml
Trust: 0.8
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-3667
Trust: 0.8
url:http://www.cpni.gov.uk/docs/re-20051114-01014.pdf?lang=en
Trust: 0.8
url:http://www.securityfocus.com/bid/17902
Trust: 0.8
url:http://www.cyberpolice.go.jp/important/2005/20051118_193244.html
Trust: 0.8
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/product/3352/
Trust: 0.1
url:http://sourceforge.net/project/showfiles.php?group_id=74601&package_id=74949&release_id=372605
Trust: 0.1
url:http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000
Trust: 0.1
url:http://sourceforge.net/project/shownotes.php?release_id=372605&group_id=74601
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            CERT/CC: VU#226364 // 
            
            
            
            BID: 89220 // 
            
            
            
            JVNDB: JVNDB-2005-000679 // 
            
            
            
            PACKETSTORM: 41739 // 
            
            
            
            CNNVD: CNNVD-200511-262 // 
            
            
            
            NVD: CVE-2005-3667

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 89220

SOURCES
db:CERT/CCid:VU#226364
db:BIDid:89220
db:JVNDBid:JVNDB-2005-000679
db:PACKETSTORMid:41739
db:CNNVDid:CNNVD-200511-262
db:NVDid:CVE-2005-3667

LAST UPDATE DATE
2022-05-29T19:56:13.972000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#226364date:2006-01-03T00:00:00
db:BIDid:89220date:2005-11-18T00:00:00
db:JVNDBid:JVNDB-2005-000679date:2007-04-01T00:00:00
db:CNNVDid:CNNVD-200511-262date:2005-12-05T00:00:00
db:NVDid:CVE-2005-3667date:2008-09-05T20:54:00

SOURCES RELEASE DATE
db:CERT/CCid:VU#226364date:2005-11-17T00:00:00
db:BIDid:89220date:2005-11-18T00:00:00
db:JVNDBid:JVNDB-2005-000679date:2007-04-01T00:00:00
db:PACKETSTORMid:41739date:2005-11-22T18:19:46
db:CNNVDid:CNNVD-200511-262date:2005-11-18T00:00:00
db:NVDid:CVE-2005-3667date:2005-11-18T21:03:00