Vulnerability Details CVE-2005-3732
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.189
EPSS Ranking 94.9%
CVSS Severity
CVSS v2 Score 7.8
References
- ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
- http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html
- http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3&r2=1.20.2.4&diff_format=u
- http://rhn.redhat.com/errata/RHSA-2006-0267.html
- http://secunia.com/advisories/17668
- http://secunia.com/advisories/17822
- http://secunia.com/advisories/17980
- http://secunia.com/advisories/18115
- http://secunia.com/advisories/18616
- http://secunia.com/advisories/18742
- http://secunia.com/advisories/19833
- http://secunia.com/advisories/20210
- http://securitytracker.com/id?1015254
- http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000
- http://www.debian.org/security/2006/dsa-965
- http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
- http://www.gentoo.org/security/en/glsa/glsa-200512-04.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:020
- http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en
- http://www.novell.com/linux/security/advisories/2005_70_ipsec.html
- http://www.securityfocus.com/archive/1/436343/100/0/threaded
- http://www.securityfocus.com/bid/15523
- http://www.vupen.com/english/advisories/2005/2521
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9857
- https://usn.ubuntu.com/221-1/
- ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc
- http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html
- http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3&r2=1.20.2.4&diff_format=u
- http://rhn.redhat.com/errata/RHSA-2006-0267.html
- http://secunia.com/advisories/17668
- http://secunia.com/advisories/17822
- http://secunia.com/advisories/17980
- http://secunia.com/advisories/18115
- http://secunia.com/advisories/18616
- http://secunia.com/advisories/18742
- http://secunia.com/advisories/19833
- http://secunia.com/advisories/20210
- http://securitytracker.com/id?1015254
- http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000
- http://www.debian.org/security/2006/dsa-965
- http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
- http://www.gentoo.org/security/en/glsa/glsa-200512-04.xml
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:020
- http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en
- http://www.novell.com/linux/security/advisories/2005_70_ipsec.html
- http://www.securityfocus.com/archive/1/436343/100/0/threaded
- http://www.securityfocus.com/bid/15523
- http://www.vupen.com/english/advisories/2005/2521
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9857
- https://usn.ubuntu.com/221-1/
Products affected by CVE-2005-3732
-
cpe:2.3:a:ipsec-tools:ipsec-tools:0.5
-
cpe:2.3:a:ipsec-tools:ipsec-tools:0.5.1
-
cpe:2.3:a:ipsec-tools:ipsec-tools:0.5.2
-
cpe:2.3:a:ipsec-tools:ipsec-tools:0.6
-
cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.1
-
cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.2