Vulnerability Details CVE-2005-3666
Multiple unspecified format string vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.3%
CVSS Severity
CVSS v2 Score 10.0
References
- http://jvn.jp/niscc/NISCC-273756/index.html
- http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
- http://www.kb.cert.org/vuls/id/226364
- http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en
- http://jvn.jp/niscc/NISCC-273756/index.html
- http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
- http://www.kb.cert.org/vuls/id/226364
- http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en
Products affected by CVE-2005-3666
-
cpe:2.3:a:internet_key_exchange:internet_key_exchange:1