All the vulnerabilites related to frees_wan - frees_wan
Vulnerability from fkie_nvd
Published
2005-11-18 21:03
Modified
2024-11-21 00:02
Severity ?
Summary
The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:2.04:*:*:*:*:*:*:*",
"matchCriteriaId": "68C84C1F-2804-4E5F-B34E-D75530CD5A71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openswan:openswan:2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3A9EABDE-514F-42BA-A335-135209605981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openswan:openswan:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2425AF51-C42B-4EAA-A619-EE47EAFCBA83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openswan:openswan:2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "892D939B-4649-4B90-A2C0-6C2E4DDF7DFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openswan:openswan:2.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1A321B57-5E08-48C8-9288-A92342770FD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openswan:openswan:2.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "54780B50-9CFE-43B6-8BB9-C7246F817773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openswan:openswan:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "001E2700-CE33-495A-8F8A-81E2E550CFF2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openswan:openswan:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6A628FE6-A042-4DF9-A141-8BE65FD236C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:xelerance:openswan:2.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F7841F42-1226-43C4-A007-88847925D872",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
}
],
"id": "CVE-2005-3671",
"lastModified": "2024-11-21T00:02:24.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-11-18T21:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0138.html"
},
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html"
},
{
"source": "cve@mitre.org",
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17581"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17680"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/17980"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/18115"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015214"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"source": "cve@mitre.org",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200512-04.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"source": "cve@mitre.org",
"url": "http://www.novell.com/linux/security/advisories/2005_70_ipsec.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openswan.org/niscc2/"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00057.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00058.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/15416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0138.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17581"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/17980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/18115"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200512-04.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.novell.com/linux/security/advisories/2005_70_ipsec.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openswan.org/niscc2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00057.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00058.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/15416"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2004-12-06 05:00
Modified
2024-11-20 23:48
Severity ?
Summary
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| frees_wan | frees_wan | 1 | |
| frees_wan | frees_wan | 2 | |
| frees_wan | super_frees_wan | 1 | |
| openswan | openswan | 1 | |
| openswan | openswan | 2 | |
| strongswan | strongswan | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1:*:*:*:*:*:*:*",
"matchCriteriaId": "10B562DF-7470-4C26-9989-0872DA521B44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:2:*:*:*:*:*:*:*",
"matchCriteriaId": "E5B02427-164D-4B6B-ACF1-662691FC6828",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:super_frees_wan:1:*:*:*:*:*:*:*",
"matchCriteriaId": "4C94B5FB-8830-4217-BB07-36DAD9902259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openswan:openswan:1:*:*:*:*:*:*:*",
"matchCriteriaId": "06740766-75C5-4EDA-8BFD-96C5E7AE1A73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openswan:openswan:2:*:*:*:*:*:*:*",
"matchCriteriaId": "E54638CB-40EE-47D1-A373-1AEF85DE9405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:strongswan:strongswan:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D62594D0-8847-4CC4-9AFD-3C216D429C5B",
"versionEndIncluding": "2.1.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject."
},
{
"lang": "es",
"value": "FreeS/WAN 1.x y 2.x, y otros productos relacionados, incluyendo superfreeswan 1.x, openswan 1.x anteriores a 1.0.6, openswan 2.x anteriores a 2.1.4 y strongSwan anteriores a 2.1.3 permite a atacantes remotos autenticarse usando certificados PKCS#7 falsificados en los que un certificado auto-firmado identifica a una Autoridad Certificadora (CA) y a un usuario y asunto suplantados."
}
],
"id": "CVE-2004-0590",
"lastModified": "2024-11-20T23:48:55.497",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-12-06T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200406-20.xml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:070"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openswan.org/support/vuln/can-2004-0590/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-200406-20.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:070"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.openswan.org/support/vuln/can-2004-0590/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16515"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2002-11-04 05:00
Modified
2024-11-20 23:39
Severity ?
Summary
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| frees_wan | frees_wan | 1.9 | |
| frees_wan | frees_wan | 1.9.1 | |
| frees_wan | frees_wan | 1.9.2 | |
| frees_wan | frees_wan | 1.9.3 | |
| frees_wan | frees_wan | 1.9.4 | |
| frees_wan | frees_wan | 1.9.5 | |
| frees_wan | frees_wan | 1.9.6 | |
| apple | mac_os_x | 10.2 | |
| apple | mac_os_x_server | 10.2 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 4.6 | |
| freebsd | freebsd | 4.6 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5 | |
| netbsd | netbsd | 1.5.1 | |
| netbsd | netbsd | 1.5.2 | |
| netbsd | netbsd | 1.5.3 | |
| netbsd | netbsd | 1.6 | |
| global_technology_associates | gnat_box_firmware | 3.1 | |
| global_technology_associates | gnat_box_firmware | 3.2 | |
| global_technology_associates | gnat_box_firmware | 3.3 | |
| nec | bluefire_ix1035_router | * | |
| nec | ix1010 | * | |
| nec | ix1011 | * | |
| nec | ix1020 | * | |
| nec | ix1050 | * | |
| nec | ix2010 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "9A66D34B-9044-4F34-B367-55967EE92FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "907622BF-3B1E-4A89-A414-60DD0559463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "308CBFAA-D513-4593-81E8-4CC025E5853C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7711EC06-B983-4E8C-AC4A-24C3A5AD64AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.4:*:*:*:*:*:*:*",
"matchCriteriaId": "29E5A0BA-BC40-4D53-8A34-D9E1D88C0453",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AEEA91E2-C599-4192-8BBC-A151A1D283A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:frees_wan:frees_wan:1.9.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F10EA9F4-5878-4AFB-BAB6-B2C9728AF3DE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CDCF4FB3-F781-46D5-BEE7-485B3DC78B83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x_server:10.2:*:*:*:*:*:*:*",
"matchCriteriaId": "00AE033B-5F16-4262-A397-02D7450189B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9C001822-FDF8-497C-AC2C-B59A00E9ACD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:release:*:*:*:*:*:*",
"matchCriteriaId": "118211EF-CED7-4EB5-9669-F54C8169D4AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:4.6:stable:*:*:*:*:*:*",
"matchCriteriaId": "9A405AE2-ECC4-4BB0-80DD-4736394FB217",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D9BF9-FCC7-4680-AD3A-95757FC005EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:sh3:*:*:*:*:*",
"matchCriteriaId": "52F2B17F-A169-402C-AA05-0DE5D805BAD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5:*:x86:*:*:*:*:*",
"matchCriteriaId": "BD44E15F-D216-404F-8585-D278175C2A0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78E8C3A4-9FA7-4F2A-8C65-D4404715E674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA2E3A3-EB9B-4B20-B754-EEC914FB1D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7AC78BA4-70F4-4B9F-93C2-B107E4DCC418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:netbsd:netbsd:1.6:beta:*:*:*:*:*:*",
"matchCriteriaId": "9DDC444D-E763-4685-97F8-A027DF6F804D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:global_technology_associates:gnat_box_firmware:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD478B7E-83ED-47CD-AE00-705F2255E64C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:global_technology_associates:gnat_box_firmware:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AC90C735-4002-40A3-B0C8-A684A5DF99A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:global_technology_associates:gnat_box_firmware:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "236F09EF-A0B5-465D-9041-D389AB3EAA97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:bluefire_ix1035_router:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BBB64A3D-0C14-441D-8A4E-E4EF94FA7A34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix1010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3D7FB074-B218-408B-AA86-941824B1758B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix1011:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4FB687-87F6-47CC-95F8-EB4D4396184D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix1020:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98BA9566-EE28-4025-A6DC-B7F81FC41BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix1050:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4331351A-D97B-4874-8370-83A20E598E9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:nec:ix2010:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3C8AA729-DF24-4AA2-800C-1DFEF9E1EF18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors."
},
{
"lang": "es",
"value": "Implementaciones de IPSEC, incluyendo FreeS/WAN y KAME no calculan adecuadamente la longitud de los datos de autenticaci\u00f3n, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (kernel panic) mediante paquetes Encapsulating Security Payload (EPS) cortos falsificados, lo que resulta en errores de enteros sin signos."
}
],
"id": "CVE-2002-0666",
"lastModified": "2024-11-20T23:39:35.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-11-04T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/6011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/6011"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2004-0590
Vulnerability from cvelistv5
Published
2004-06-30 04:00
Modified
2024-08-08 00:24
Severity ?
EPSS score ?
Summary
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:070 | vendor-advisory, x_refsource_MANDRAKE | |
| http://www.openswan.org/support/vuln/can-2004-0590/ | x_refsource_CONFIRM | |
| http://security.gentoo.org/glsa/glsa-200406-20.xml | vendor-advisory, x_refsource_GENTOO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/16515 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:24:27.001Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2004:070",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE",
"x_transferred"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:070"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openswan.org/support/vuln/can-2004-0590/"
},
{
"name": "GLSA-200406-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200406-20.xml"
},
{
"name": "ipsec-verifyx509cert-auth-bypass(16515)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16515"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2004:070",
"tags": [
"vendor-advisory",
"x_refsource_MANDRAKE"
],
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:070"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openswan.org/support/vuln/can-2004-0590/"
},
{
"name": "GLSA-200406-20",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200406-20.xml"
},
{
"name": "ipsec-verifyx509cert-auth-bypass(16515)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16515"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0590",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a self-signed certificate identifies an alternate Certificate Authority (CA) and spoofed issuer and subject."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2004:070",
"refsource": "MANDRAKE",
"url": "http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:070"
},
{
"name": "http://www.openswan.org/support/vuln/can-2004-0590/",
"refsource": "CONFIRM",
"url": "http://www.openswan.org/support/vuln/can-2004-0590/"
},
{
"name": "GLSA-200406-20",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200406-20.xml"
},
{
"name": "ipsec-verifyx509cert-auth-bypass(16515)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16515"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0590",
"datePublished": "2004-06-30T04:00:00",
"dateReserved": "2004-06-23T00:00:00",
"dateUpdated": "2024-08-08T00:24:27.001Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2002-0666
Vulnerability from cvelistv5
Published
2002-10-25 04:00
Modified
2024-08-08 02:56
Severity ?
EPSS score ?
Summary
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://razor.bindview.com/publish/advisories/adv_ipsec.html | vendor-advisory, x_refsource_BINDVIEW | |
| http://www.iss.net/security_center/static/10411.php | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/6011 | vdb-entry, x_refsource_BID | |
| http://www.debian.org/security/2002/dsa-201 | vendor-advisory, x_refsource_DEBIAN | |
| http://www.kb.cert.org/vuls/id/459371 | third-party-advisory, x_refsource_CERT-VN | |
| ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc | vendor-advisory, x_refsource_NETBSD |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T02:56:38.381Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20021018 Denial of Service in IPSEC implementations",
"tags": [
"vendor-advisory",
"x_refsource_BINDVIEW",
"x_transferred"
],
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"name": "ipsec-packet-integer-overflow(10411)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"name": "6011",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/6011"
},
{
"name": "DSA-201",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"name": "VU#459371",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"name": "NetBSD-SA2002-016",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-10-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-06-01T00:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20021018 Denial of Service in IPSEC implementations",
"tags": [
"vendor-advisory",
"x_refsource_BINDVIEW"
],
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"name": "ipsec-packet-integer-overflow(10411)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"name": "6011",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/6011"
},
{
"name": "DSA-201",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"name": "VU#459371",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"name": "NetBSD-SA2002-016",
"tags": [
"vendor-advisory",
"x_refsource_NETBSD"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-0666",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP) packets, which result in integer signedness errors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20021018 Denial of Service in IPSEC implementations",
"refsource": "BINDVIEW",
"url": "http://razor.bindview.com/publish/advisories/adv_ipsec.html"
},
{
"name": "ipsec-packet-integer-overflow(10411)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10411.php"
},
{
"name": "6011",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/6011"
},
{
"name": "DSA-201",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2002/dsa-201"
},
{
"name": "VU#459371",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/459371"
},
{
"name": "NetBSD-SA2002-016",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-016.txt.asc"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-0666",
"datePublished": "2002-10-25T04:00:00",
"dateReserved": "2002-07-08T00:00:00",
"dateUpdated": "2024-08-08T02:56:38.381Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3671
Vulnerability from cvelistv5
Published
2005-11-18 21:00
Modified
2024-08-07 23:17
Severity ?
EPSS score ?
Summary
The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"name": "15416",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15416"
},
{
"name": "FEDORA-2005-1093",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00058.html"
},
{
"name": "1015214",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015214"
},
{
"name": "17581",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17581"
},
{
"name": "20051214 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"name": "20051213 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0138.html"
},
{
"name": "GLSA-200512-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200512-04.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"name": "VU#226364",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"name": "18115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18115"
},
{
"name": "17680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17680"
},
{
"name": "FEDORA-2005-1092",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00057.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.openswan.org/niscc2/"
},
{
"name": "17980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17980"
},
{
"name": "SUSE-SA:2005:070",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2005_70_ipsec.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-11-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-24T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"name": "15416",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15416"
},
{
"name": "FEDORA-2005-1093",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00058.html"
},
{
"name": "1015214",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015214"
},
{
"name": "17581",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17581"
},
{
"name": "20051214 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"name": "20051213 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0138.html"
},
{
"name": "GLSA-200512-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200512-04.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"name": "VU#226364",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"name": "18115",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18115"
},
{
"name": "17680",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17680"
},
{
"name": "FEDORA-2005-1092",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00057.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.openswan.org/niscc2/"
},
{
"name": "17980",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17980"
},
{
"name": "SUSE-SA:2005:070",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2005_70_ipsec.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3671",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en",
"refsource": "MISC",
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"name": "15416",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15416"
},
{
"name": "FEDORA-2005-1093",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00058.html"
},
{
"name": "1015214",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015214"
},
{
"name": "17581",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17581"
},
{
"name": "20051214 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html"
},
{
"name": "http://jvn.jp/niscc/NISCC-273756/index.html",
"refsource": "MISC",
"url": "http://jvn.jp/niscc/NISCC-273756/index.html"
},
{
"name": "20051213 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0138.html"
},
{
"name": "GLSA-200512-04",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200512-04.xml"
},
{
"name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/",
"refsource": "MISC",
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"name": "VU#226364",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"name": "18115",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18115"
},
{
"name": "17680",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17680"
},
{
"name": "FEDORA-2005-1092",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00057.html"
},
{
"name": "http://www.openswan.org/niscc2/",
"refsource": "CONFIRM",
"url": "http://www.openswan.org/niscc2/"
},
{
"name": "17980",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17980"
},
{
"name": "SUSE-SA:2005:070",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2005_70_ipsec.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3671",
"datePublished": "2005-11-18T21:00:00",
"dateReserved": "2005-11-18T00:00:00",
"dateUpdated": "2024-08-07T23:17:23.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}