ID

VAR-200512-0678


CVE

CVE-2005-4570


TITLE

Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations

Trust: 0.8

sources: CERT/CC: VU#226364

DESCRIPTION

The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the vendor advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. TITLE: IPsec-Tools ISAKMP IKE Message Processing Denial of Service SECUNIA ADVISORY ID: SA17668 VERIFY ADVISORY: http://secunia.com/advisories/17668/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote SOFTWARE: IPsec-Tools 0.x http://secunia.com/product/3352/ DESCRIPTION: A vulnerability has been reported in IPsec-Tools, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereferencing error when processing certain ISAKMP packets in aggressive mode. The vulnerability is related to: SA17553 Successful exploitation requires a weak racoon configuration (e.g. no lifetime proposal or obey mode), and using 3DES/SHA1/DH2. SOLUTION: Update to version 0.6.3. http://sourceforge.net/project/showfiles.php?group_id=74601&package_id=74949&release_id=372605 PROVIDED AND/OR DISCOVERED BY: The vendor credits Adrian Portelli. ORIGINAL ADVISORY: http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000 http://sourceforge.net/project/shownotes.php?release_id=372605&group_id=74601 OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.8

sources: NVD: CVE-2005-4570 // CERT/CC: VU#226364 // VULHUB: VHN-15778 // PACKETSTORM: 41739

AFFECTED PRODUCTS

vendor:check pointmodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:fortinetmodel: - scope: - version: -

Trust: 0.8

vendor:hewlett packardmodel: - scope: - version: -

Trust: 0.8

vendor:necmodel: - scope: - version: -

Trust: 0.8

vendor:nortelmodel: - scope: - version: -

Trust: 0.8

vendor:openswan linux ipsecmodel: - scope: - version: -

Trust: 0.8

vendor:qnxmodel: - scope: - version: -

Trust: 0.8

vendor:stonesoftmodel: - scope: - version: -

Trust: 0.8

vendor:sun microsystemsmodel: - scope: - version: -

Trust: 0.8

sources: CERT/CC: VU#226364

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-4570
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#226364
value: 16.54

Trust: 0.8

CNNVD: CNNVD-200512-619
value: HIGH

Trust: 0.6

VULHUB: VHN-15778
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2005-4570
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-15778
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#226364 // VULHUB: VHN-15778 // CNNVD: CNNVD-200512-619 // NVD: CVE-2005-4570

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-4570

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200512-619

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200512-619

EXTERNAL IDS

db:VUPENid:ADV-2006-0182

Trust: 1.7

db:NVDid:CVE-2005-4570

Trust: 1.7

db:SECUNIAid:18446

Trust: 1.7

db:BIDid:15997

Trust: 1.7

db:SECUNIAid:17668

Trust: 0.9

db:SECUNIAid:17621

Trust: 0.8

db:SECUNIAid:17663

Trust: 0.8

db:SECUNIAid:17838

Trust: 0.8

db:SECUNIAid:17553

Trust: 0.8

db:SECUNIAid:17608

Trust: 0.8

db:SECUNIAid:17684

Trust: 0.8

db:AUSCERTid:ESB-2005.0924

Trust: 0.8

db:CERT/CCid:VU#226364

Trust: 0.8

db:CNNVDid:CNNVD-200512-619

Trust: 0.7

db:VULHUBid:VHN-15778

Trust: 0.1

db:PACKETSTORMid:41739

Trust: 0.1

sources: CERT/CC: VU#226364 // VULHUB: VHN-15778 // PACKETSTORM: 41739 // CNNVD: CNNVD-200512-619 // NVD: CVE-2005-4570

REFERENCES

url:http://www.securityfocus.com/bid/15997

Trust: 1.7

url:http://www.fortinet.com/fortiguardcenter/vu226364.html

Trust: 1.7

url:http://secunia.com/advisories/18446

Trust: 1.7

url:http://www.vupen.com/english/advisories/2006/0182

Trust: 1.1

url:http://secunia.com/advisories/17553/

Trust: 0.9

url:http://secunia.com/advisories/17668/

Trust: 0.9

url:http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp

Trust: 0.8

url:http://www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-82.htm

Trust: 0.8

url:http://www.auscert.org.au/5748

Trust: 0.8

url:http://jvn.jp/niscc/niscc-273756/index.html

Trust: 0.8

url:http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en

Trust: 0.8

url:http://secunia.com/advisories/17608/

Trust: 0.8

url:http://secunia.com/advisories/17621/

Trust: 0.8

url:http://secunia.com/advisories/17684/

Trust: 0.8

url:http://secunia.com/advisories/17663/

Trust: 0.8

url:http://secunia.com/advisories/17838/

Trust: 0.8

url:http://www.frsirt.com/english/advisories/2006/0182

Trust: 0.6

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/3352/

Trust: 0.1

url:http://sourceforge.net/project/showfiles.php?group_id=74601&package_id=74949&release_id=372605

Trust: 0.1

url:http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000

Trust: 0.1

url:http://sourceforge.net/project/shownotes.php?release_id=372605&group_id=74601

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: CERT/CC: VU#226364 // VULHUB: VHN-15778 // PACKETSTORM: 41739 // CNNVD: CNNVD-200512-619 // NVD: CVE-2005-4570

CREDITS

Discovery is credited to NISCC, CERT-FI, and the Oulu University Secure Programming Group.

Trust: 0.6

sources: CNNVD: CNNVD-200512-619

SOURCES

db:CERT/CCid:VU#226364
db:VULHUBid:VHN-15778
db:PACKETSTORMid:41739
db:CNNVDid:CNNVD-200512-619
db:NVDid:CVE-2005-4570

LAST UPDATE DATE

2024-11-07T20:47:51.631000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#226364date:2006-01-03T00:00:00
db:VULHUBid:VHN-15778date:2011-03-08T00:00:00
db:CNNVDid:CNNVD-200512-619date:2005-12-29T00:00:00
db:NVDid:CVE-2005-4570date:2011-03-08T02:28:29.907

SOURCES RELEASE DATE

db:CERT/CCid:VU#226364date:2005-11-17T00:00:00
db:VULHUBid:VHN-15778date:2005-12-29T00:00:00
db:PACKETSTORMid:41739date:2005-11-22T18:19:46
db:CNNVDid:CNNVD-200512-619date:2005-12-29T00:00:00
db:NVDid:CVE-2005-4570date:2005-12-29T11:03:00