cvelistv5 - CVE-2005-3733

CVE-2005-3733 (GCVE-0-2005-3733)

Vulnerability from cvelistv5 – Published: 2005-11-21 23:00 – Updated: 2024-08-07 23:24

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2005/2410	vdb-entryx_refsource_VUPEN
	http://www.niscc.gov.uk/niscc/docs/re-20051114-01…	x_refsource_MISC
	http://securitytracker.com/id?1015203	vdb-entryx_refsource_SECTRACK
	http://jvn.jp/niscc/NISCC-273756/index.html	x_refsource_MISC
	http://www.ee.oulu.fi/research/ouspg/protos/testi…	x_refsource_MISC
	http://www.kb.cert.org/vuls/id/226364	third-party-advisoryx_refsource_CERT-VN
	http://secunia.com/advisories/17568	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/15402	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:24:35.505Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2005-2410",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2410"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
          },
          {
            "name": "1015203",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015203"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
          },
          {
            "name": "VU#226364",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/226364"
          },
          {
            "name": "17568",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17568"
          },
          {
            "name": "15402",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15402"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-11-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-01-12T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2005-2410",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2410"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
        },
        {
          "name": "1015203",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015203"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
        },
        {
          "name": "VU#226364",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/226364"
        },
        {
          "name": "17568",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17568"
        },
        {
          "name": "15402",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15402"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3733",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2005-2410",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2410"
            },
            {
              "name": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en",
              "refsource": "MISC",
              "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
            },
            {
              "name": "1015203",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015203"
            },
            {
              "name": "http://jvn.jp/niscc/NISCC-273756/index.html",
              "refsource": "MISC",
              "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
            },
            {
              "name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/",
              "refsource": "MISC",
              "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
            },
            {
              "name": "VU#226364",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/226364"
            },
            {
              "name": "17568",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17568"
            },
            {
              "name": "15402",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15402"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3733",
    "datePublished": "2005-11-21T23:00:00",
    "dateReserved": "2005-11-21T00:00:00",
    "dateUpdated": "2024-08-07T23:24:35.505Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_e:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"7.0.0\", \"matchCriteriaId\": \"B3347D3B-2EC4-48BE-A7BB-7F9DB06BC29E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_j:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.3\", \"matchCriteriaId\": \"134C4D32-B17D-4964-A6AE-33FEBE50BAD2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_m:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.3\", \"matchCriteriaId\": \"9003227E-607A-4DEA-9C53-F9713F091671\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junos_t:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.3\", \"matchCriteriaId\": \"34005B62-213E-4151-A370-64CD092302E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junose_e:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"7.0.0\", \"matchCriteriaId\": \"B50B561A-90E2-445B-8F86-0F1C1F6D5CE6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junose_j:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.3\", \"matchCriteriaId\": \"0DC7E393-F0CF-4839-A244-F4EF3DBAD2BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junose_m:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.3.0\", \"matchCriteriaId\": \"1B781C0E-A25C-4579-869E-4392F4746E27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:juniper:junose_t:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.3\", \"matchCriteriaId\": \"0987FBDC-76B7-4BDE-A3FD-9DF34BB95402\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.\"}]",
      "id": "CVE-2005-3733",
      "lastModified": "2024-11-21T00:02:32.900",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": true, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2005-11-21T23:03:00.000",
      "references": "[{\"url\": \"http://jvn.jp/niscc/NISCC-273756/index.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/17568\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1015203\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/226364\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/15402\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2410\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://jvn.jp/niscc/NISCC-273756/index.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/17568\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1015203\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/226364\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/15402\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2410\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-3733\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-11-21T23:03:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_e:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.0.0\",\"matchCriteriaId\":\"B3347D3B-2EC4-48BE-A7BB-7F9DB06BC29E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_j:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3\",\"matchCriteriaId\":\"134C4D32-B17D-4964-A6AE-33FEBE50BAD2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_m:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3\",\"matchCriteriaId\":\"9003227E-607A-4DEA-9C53-F9713F091671\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junos_t:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3\",\"matchCriteriaId\":\"34005B62-213E-4151-A370-64CD092302E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junose_e:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"7.0.0\",\"matchCriteriaId\":\"B50B561A-90E2-445B-8F86-0F1C1F6D5CE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junose_j:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3\",\"matchCriteriaId\":\"0DC7E393-F0CF-4839-A244-F4EF3DBAD2BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junose_m:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3.0\",\"matchCriteriaId\":\"1B781C0E-A25C-4579-869E-4392F4746E27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:juniper:junose_t:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.3\",\"matchCriteriaId\":\"0987FBDC-76B7-4BDE-A3FD-9DF34BB95402\"}]}]}],\"references\":[{\"url\":\"http://jvn.jp/niscc/NISCC-273756/index.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/17568\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1015203\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/226364\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/15402\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/2410\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://jvn.jp/niscc/NISCC-273756/index.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/17568\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015203\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/226364\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/15402\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2005/2410\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-200511-0062

Vulnerability from variot - Updated: 2024-07-23 20:32

The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the “Overview” for the impact of this vulnerability. Juniper's M, T, J and E series routers are all network router products developed by Juniper. The IKE protocol is implemented in the JUNOS and JUNOSe software. Testing of the IKE version 1 phase 1 ISAKMP test suite developed by the Oulu University Security Programming Group (OUSPG) revealed a vulnerability in the IKE protocol implementation in JUNOS and JUNOSe software. By sending specially crafted messages, vulnerable products may exhibit denial of service, format string vulnerabilities, and buffer overflows. In some cases, arbitrary code execution may also be possible.

TITLE: IPsec-Tools ISAKMP IKE Message Processing Denial of Service

SECUNIA ADVISORY ID: SA17668

VERIFY ADVISORY: http://secunia.com/advisories/17668/

CRITICAL: Moderately critical

IMPACT: DoS

WHERE:

From remote

SOFTWARE: IPsec-Tools 0.x http://secunia.com/product/3352/

DESCRIPTION: A vulnerability has been reported in IPsec-Tools, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused due to a NULL pointer dereferencing error when processing certain ISAKMP packets in aggressive mode.

The vulnerability is related to: SA17553

Successful exploitation requires a weak racoon configuration (e.g. no lifetime proposal or obey mode), and using 3DES/SHA1/DH2.

SOLUTION: Update to version 0.6.3. http://sourceforge.net/project/showfiles.php?group_id=74601&package_id=74949&release_id=372605

PROVIDED AND/OR DISCOVERED BY: The vendor credits Adrian Portelli.

ORIGINAL ADVISORY: http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000 http://sourceforge.net/project/shownotes.php?release_id=372605&group_id=74601

OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200511-0062",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "junos m",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "6.3"
      },
      {
        "model": "junose m",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "6.3.0"
      },
      {
        "model": "junos t",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "6.3"
      },
      {
        "model": "junose j",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "6.3"
      },
      {
        "model": "junose t",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "6.3"
      },
      {
        "model": "junos e",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "7.0.0"
      },
      {
        "model": "junose e",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "7.0.0"
      },
      {
        "model": "junos j",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "juniper",
        "version": "6.3"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "check point",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "fortinet",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "nortel",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "openswan linux ipsec",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "qnx",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "stonesoft",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": null
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "4.0"
      },
      {
        "model": "asianux server",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cybertrust",
        "version": "4.0 (x86-64)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "10 (sparc)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "10 (x86)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "9 (sparc)"
      },
      {
        "model": "solaris",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "9 (x86)"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "12.2"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "12.3"
      },
      {
        "model": "ios",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "12.4"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "6.0"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "6.1"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "6.2"
      },
      {
        "model": "pix firewall",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "6.3"
      },
      {
        "model": "pix/asa",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "7.0"
      },
      {
        "model": "enterprise firewall",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "symantec",
        "version": "8.0"
      },
      {
        "model": "screenos",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "5.0"
      },
      {
        "model": "screenos",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "juniper",
        "version": "5.2"
      },
      {
        "model": "vpn-1/firewall-1",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "check point",
        "version": "ng with application intelligence (r54)"
      },
      {
        "model": "vpn-1/firewall-1",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "check point",
        "version": "ng with application intelligence (r55)"
      },
      {
        "model": "vpn-1/firewall-1",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "check point",
        "version": "ng with application intelligence (r55w)"
      },
      {
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "11.00"
      },
      {
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "11.11"
      },
      {
        "model": "hp-ux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": "11.23"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (ws)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "4 (ws)"
      },
      {
        "model": "junos m",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "6.3"
      },
      {
        "model": "junose m",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "6.3.0"
      },
      {
        "model": "junos t",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "6.3"
      },
      {
        "model": "junose e",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "7.0.0"
      },
      {
        "model": "junos j",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "6.3"
      },
      {
        "model": "junose j",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "6.3"
      },
      {
        "model": "junos e",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "7.0.0"
      },
      {
        "model": "junose t",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "juniper",
        "version": "6.3"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2005-000686"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-304"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3733"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose_e:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose_j:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_e:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose_m:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose_t:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_j:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_m:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_t:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3733"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "NISCC albatross@tim.it",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-304"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2005-3733",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": true,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2005-3733",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-14941",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2005-3733",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#226364",
            "trust": 0.8,
            "value": "16.54"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200511-304",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-14941",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14941"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2005-000686"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-304"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3733"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. Juniper\u0027s M, T, J and E series routers are all network router products developed by Juniper. The IKE protocol is implemented in the JUNOS and JUNOSe software. Testing of the IKE version 1 phase 1 ISAKMP test suite developed by the Oulu University Security Programming Group (OUSPG) revealed a vulnerability in the IKE protocol implementation in JUNOS and JUNOSe software. By sending specially crafted messages, vulnerable products may exhibit denial of service, format string vulnerabilities, and buffer overflows. In some cases, arbitrary code execution may also be possible. \n\nTITLE:\nIPsec-Tools ISAKMP IKE Message Processing Denial of Service\n\nSECUNIA ADVISORY ID:\nSA17668\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17668/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nIPsec-Tools 0.x\nhttp://secunia.com/product/3352/\n\nDESCRIPTION:\nA vulnerability has been reported in IPsec-Tools, which can be\nexploited by malicious people to cause a DoS (Denial of Service). \n\nThe vulnerability is caused due to a NULL pointer dereferencing error\nwhen processing certain ISAKMP packets in aggressive mode. \n\nThe vulnerability is related to:\nSA17553\n\nSuccessful exploitation requires a weak racoon configuration (e.g. no\nlifetime proposal or obey mode), and using 3DES/SHA1/DH2. \n\nSOLUTION:\nUpdate to version 0.6.3. \nhttp://sourceforge.net/project/showfiles.php?group_id=74601\u0026package_id=74949\u0026release_id=372605\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Adrian Portelli. \n\nORIGINAL ADVISORY:\nhttp://sourceforge.net/mailarchive/forum.php?thread_id=9017454\u0026forum_id=32000\nhttp://sourceforge.net/project/shownotes.php?release_id=372605\u0026group_id=74601\n\nOTHER REFERENCES:\nSA17553:\nhttp://secunia.com/advisories/17553/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3733"
      },
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2005-000686"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14941"
      },
      {
        "db": "PACKETSTORM",
        "id": "41739"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#226364",
        "trust": 3.3
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3733",
        "trust": 2.5
      },
      {
        "db": "SECUNIA",
        "id": "17568",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1015203",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2005-2410",
        "trust": 1.7
      },
      {
        "db": "BID",
        "id": "15402",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "17621",
        "trust": 1.6
      },
      {
        "db": "SECUNIA",
        "id": "17668",
        "trust": 0.9
      },
      {
        "db": "SECUNIA",
        "id": "17663",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "17838",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "17553",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "17608",
        "trust": 0.8
      },
      {
        "db": "SECUNIA",
        "id": "17684",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2005.0924",
        "trust": 0.8
      },
      {
        "db": "BID",
        "id": "17902",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2005-000686",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-304",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-14941",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "41739",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14941"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2005-000686"
      },
      {
        "db": "PACKETSTORM",
        "id": "41739"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-304"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3733"
      }
    ]
  },
  "id": "VAR-200511-0062",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14941"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-07-23T20:32:56.794000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20051114-ipsec",
        "trust": 0.8,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
      },
      {
        "title": "HPSBUX02076",
        "trust": 0.8,
        "url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00555601"
      },
      {
        "title": "HPSBUX02076",
        "trust": 0.8,
        "url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02076.html"
      },
      {
        "title": "PSN-2005-11-007",
        "trust": 0.8,
        "url": "http://www.juniper.net/support/security/alerts/psn-2005-11-007.txt"
      },
      {
        "title": "AXSA-2006-65:1",
        "trust": 0.8,
        "url": "http://www.miraclelinux.com/support/update/list.php?errata_id=362"
      },
      {
        "title": "RHSA-2006:0267",
        "trust": 0.8,
        "url": "https://rhn.redhat.com/errata/rhsa-2006-0267.html"
      },
      {
        "title": "102246",
        "trust": 0.8,
        "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-1"
      },
      {
        "title": "102246",
        "trust": 0.8,
        "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-3"
      },
      {
        "title": "SYM05-025",
        "trust": 0.8,
        "url": "http://securityresponse.symantec.com/avcenter/security/content/2005.11.21.html"
      },
      {
        "title": "cisco-sa-20051114-ipsec",
        "trust": 0.8,
        "url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20051114-ipsec-j.shtml"
      },
      {
        "title": "SYM05-025",
        "trust": 0.8,
        "url": "http://www.symantec.com/region/jp/avcenter/security/content/2005.11.21.html"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.checkpoint.co.jp/"
      },
      {
        "title": "RHSA-2006:0267",
        "trust": 0.8,
        "url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2006-0267j.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2005-000686"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3733"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.3,
        "url": "http://jvn.jp/niscc/niscc-273756/index.html"
      },
      {
        "trust": 2.5,
        "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
      },
      {
        "trust": 2.5,
        "url": "http://www.kb.cert.org/vuls/id/226364"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/15402"
      },
      {
        "trust": 1.7,
        "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1015203"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/17568"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/17621/"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2005/2410"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/17553/"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/17668/"
      },
      {
        "trust": 0.8,
        "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp"
      },
      {
        "trust": 0.8,
        "url": "http://www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-82.htm"
      },
      {
        "trust": 0.8,
        "url": "http://www.auscert.org.au/5748"
      },
      {
        "trust": 0.8,
        "url": "http://secunia.com/advisories/17608/"
      },
      {
        "trust": 0.8,
        "url": "http://secunia.com/advisories/17684/"
      },
      {
        "trust": 0.8,
        "url": "http://secunia.com/advisories/17663/"
      },
      {
        "trust": 0.8,
        "url": "http://secunia.com/advisories/17838/"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3733"
      },
      {
        "trust": 0.8,
        "url": "http://www.cpni.gov.uk/products/vulnerabilitydisclosures/default.aspx?id=va-20051114-01014.xml"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-3733"
      },
      {
        "trust": 0.8,
        "url": "http://www.cpni.gov.uk/docs/re-20051114-01014.pdf?lang=en"
      },
      {
        "trust": 0.8,
        "url": "http://www.securityfocus.com/bid/17902"
      },
      {
        "trust": 0.8,
        "url": "http://www.cyberpolice.go.jp/important/2005/20051118_193244.html"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2005/2410"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3352/"
      },
      {
        "trust": 0.1,
        "url": "http://sourceforge.net/project/showfiles.php?group_id=74601\u0026package_id=74949\u0026release_id=372605"
      },
      {
        "trust": 0.1,
        "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9017454\u0026forum_id=32000"
      },
      {
        "trust": 0.1,
        "url": "http://sourceforge.net/project/shownotes.php?release_id=372605\u0026group_id=74601"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14941"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2005-000686"
      },
      {
        "db": "PACKETSTORM",
        "id": "41739"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-304"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3733"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14941"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2005-000686"
      },
      {
        "db": "PACKETSTORM",
        "id": "41739"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-304"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3733"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-11-17T00:00:00",
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "date": "2005-11-21T00:00:00",
        "db": "VULHUB",
        "id": "VHN-14941"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2005-000686"
      },
      {
        "date": "2005-11-22T18:19:46",
        "db": "PACKETSTORM",
        "id": "41739"
      },
      {
        "date": "2005-11-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200511-304"
      },
      {
        "date": "2005-11-21T23:03:00",
        "db": "NVD",
        "id": "CVE-2005-3733"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-01-03T00:00:00",
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "date": "2011-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-14941"
      },
      {
        "date": "2007-04-01T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2005-000686"
      },
      {
        "date": "2006-09-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200511-304"
      },
      {
        "date": "2011-03-08T02:27:02.970000",
        "db": "NVD",
        "id": "CVE-2005-3733"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-304"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-304"
      }
    ],
    "trust": 0.6
  }
}

GHSA-CV4J-GRVC-2X58

Vulnerability from github – Published: 2022-05-01 02:20 – Updated: 2025-04-03 04:20

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-3733"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-11-21T23:03:00Z",
    "severity": "HIGH"
  },
  "details": "The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.",
  "id": "GHSA-cv4j-grvc-2x58",
  "modified": "2025-04-03T04:20:15Z",
  "published": "2022-05-01T02:20:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-3733"
    },
    {
      "type": "WEB",
      "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17568"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015203"
    },
    {
      "type": "WEB",
      "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp"
    },
    {
      "type": "WEB",
      "url": "http://www.kb.cert.org/vuls/id/226364"
    },
    {
      "type": "WEB",
      "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/15402"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2005/2410"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2005-3733

Vulnerability from fkie_nvd - Published: 2005-11-21 23:03 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://jvn.jp/niscc/NISCC-273756/index.html
cve@mitre.org	http://secunia.com/advisories/17568
cve@mitre.org	http://securitytracker.com/id?1015203
cve@mitre.org	http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
cve@mitre.org	http://www.kb.cert.org/vuls/id/226364	US Government Resource
cve@mitre.org	http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en
cve@mitre.org	http://www.securityfocus.com/bid/15402
cve@mitre.org	http://www.vupen.com/english/advisories/2005/2410
af854a3a-2127-422b-91ae-364da2661108	http://jvn.jp/niscc/NISCC-273756/index.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17568
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015203
af854a3a-2127-422b-91ae-364da2661108	http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
af854a3a-2127-422b-91ae-364da2661108	http://www.kb.cert.org/vuls/id/226364	US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15402
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2005/2410

Impacted products

Vendor	Product	Version
juniper	junos_e	*
juniper	junos_j	*
juniper	junos_m	*
juniper	junos_t	*
juniper	junose_e	*
juniper	junose_j	*
juniper	junose_m	*
juniper	junose_t	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:juniper:junos_e:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3347D3B-2EC4-48BE-A7BB-7F9DB06BC29E",
              "versionEndIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_j:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "134C4D32-B17D-4964-A6AE-33FEBE50BAD2",
              "versionEndIncluding": "6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_m:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9003227E-607A-4DEA-9C53-F9713F091671",
              "versionEndIncluding": "6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junos_t:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34005B62-213E-4151-A370-64CD092302E8",
              "versionEndIncluding": "6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junose_e:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B50B561A-90E2-445B-8F86-0F1C1F6D5CE6",
              "versionEndIncluding": "7.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junose_j:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DC7E393-F0CF-4839-A244-F4EF3DBAD2BE",
              "versionEndIncluding": "6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junose_m:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B781C0E-A25C-4579-869E-4392F4746E27",
              "versionEndIncluding": "6.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:juniper:junose_t:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0987FBDC-76B7-4BDE-A3FD-9DF34BB95402",
              "versionEndIncluding": "6.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
    }
  ],
  "id": "CVE-2005-3733",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-11-21T23:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/17568"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015203"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/226364"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/15402"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2410"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/17568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015203"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/226364"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2410"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2005-3733

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2005-3733

Aliases

CVE-2005-3733

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-3733",
    "description": "The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.",
    "id": "GSD-2005-3733"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-3733"
      ],
      "details": "The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.",
      "id": "GSD-2005-3733",
      "modified": "2023-12-13T01:20:12.419720Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2005-3733",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "ADV-2005-2410",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2005/2410"
          },
          {
            "name": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en",
            "refsource": "MISC",
            "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
          },
          {
            "name": "1015203",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015203"
          },
          {
            "name": "http://jvn.jp/niscc/NISCC-273756/index.html",
            "refsource": "MISC",
            "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
          },
          {
            "name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/",
            "refsource": "MISC",
            "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
          },
          {
            "name": "VU#226364",
            "refsource": "CERT-VN",
            "url": "http://www.kb.cert.org/vuls/id/226364"
          },
          {
            "name": "17568",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/17568"
          },
          {
            "name": "15402",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/15402"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose_e:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose_j:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_e:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose_m:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junose_t:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_j:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_m:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:juniper:junos_t:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "6.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3733"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.  NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
            },
            {
              "name": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
            },
            {
              "name": "http://jvn.jp/niscc/NISCC-273756/index.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://jvn.jp/niscc/NISCC-273756/index.html"
            },
            {
              "name": "VU#226364",
              "refsource": "CERT-VN",
              "tags": [
                "US Government Resource"
              ],
              "url": "http://www.kb.cert.org/vuls/id/226364"
            },
            {
              "name": "1015203",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015203"
            },
            {
              "name": "17568",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/17568"
            },
            {
              "name": "15402",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/15402"
            },
            {
              "name": "ADV-2005-2410",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2005/2410"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2011-03-08T02:27Z",
      "publishedDate": "2005-11-21T23:03Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2005-3733 (GCVE-0-2005-3733)

VAR-200511-0062

GHSA-CV4J-GRVC-2X58

FKIE_CVE-2005-3733

GSD-2005-3733

Tags

Sightings

Nomenclature