Vulnerabilites related to symantec - gateway_security_400
CVE-2005-3768 (GCVE-0-2005-3768)
Vulnerability from cvelistv5
Published
2005-11-23 00:00
Modified
2024-08-07 23:24
Severity ?
EPSS score ?
Summary
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1015247 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/17684 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2005/2517 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1015249 | vdb-entry, x_refsource_SECTRACK | |
| http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html | x_refsource_CONFIRM | |
| http://securitytracker.com/id?1015248 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T23:24:36.178Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1015247", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015247", }, { name: "17684", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/17684", }, { name: "ADV-2005-2517", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2005/2517", }, { name: "1015249", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015249", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html", }, { name: "1015248", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015248", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-11-21T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2009-02-26T10:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "1015247", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015247", }, { name: "17684", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/17684", }, { name: "ADV-2005-2517", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2005/2517", }, { name: "1015249", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015249", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html", }, { name: "1015248", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015248", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-3768", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1015247", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015247", }, { name: "17684", refsource: "SECUNIA", url: "http://secunia.com/advisories/17684", }, { name: "ADV-2005-2517", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2005/2517", }, { name: "1015249", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015249", }, { name: "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html", refsource: "CONFIRM", url: "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html", }, { name: "1015248", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015248", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-3768", datePublished: "2005-11-23T00:00:00", dateReserved: "2005-11-22T00:00:00", dateUpdated: "2024-08-07T23:24:36.178Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2005-11-23 00:03
Modified
2025-04-03 01:03
Severity ?
Summary
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | enterprise_firewall | 8.0 | |
| symantec | enterprise_firewall | 8.0 | |
| symantec | firewall_vpn_appliance_100 | * | |
| symantec | firewall_vpn_appliance_200 | * | |
| symantec | gateway_security_300 | 2.0 | |
| symantec | gateway_security_400 | 2.0 | |
| symantec | gateway_security_5000_series | 3.0 | |
| symantec | gateway_security_5100 | * | |
| symantec | gateway_security_5300 | 1.0 | |
| symantec | gateway_security_5310 | 1.0 | |
| symantec | gateway_security_5400 | 2.0.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*", matchCriteriaId: "F66D6BB6-2355-4644-8A18-725F9E970EA2", vulnerable: true, }, { criteria: "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows:*:*:*:*:*", matchCriteriaId: "055150B1-5B11-48D1-932C-26C85DF44E07", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*", matchCriteriaId: "E5851263-81A6-40AE-8486-E919D5279CC7", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*", matchCriteriaId: "0E0D3199-365E-4D26-8D23-6492832EF096", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:*", matchCriteriaId: "6F982965-056D-4253-9CEA-31424AF4B55F", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:*", matchCriteriaId: "4EF372CA-8FC2-47DD-A3A1-E437CC7D80CA", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_5000_series:3.0:*:*:*:*:*:*:*", matchCriteriaId: "2362A590-7443-4E50-8F8F-D89165B4F2C5", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_5100:*:*:*:*:*:*:*:*", matchCriteriaId: "F82B2D6F-EF56-4B62-9784-CF826AC480CD", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*", matchCriteriaId: "3EDDB133-A6C8-45B4-9988-3D3D2F3952E8", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_5310:1.0:*:*:*:*:*:*:*", matchCriteriaId: "77DA55C0-AD93-429D-AC52-E1E0F35C25D4", vulnerable: true, }, { criteria: "cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*", matchCriteriaId: "DA896DF0-76AD-4CEE-9FE0-5E6758FC9A68", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.", }, ], id: "CVE-2005-3768", lastModified: "2025-04-03T01:03:51.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-11-23T00:03:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/17684", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://securitytracker.com/id?1015247", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://securitytracker.com/id?1015248", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://securitytracker.com/id?1015249", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2005/2517", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/17684", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://securitytracker.com/id?1015247", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://securitytracker.com/id?1015248", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://securitytracker.com/id?1015249", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2005/2517", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }