cvelistv5 - cve-2005-3768

CVE-2005-3768 (GCVE-0-2005-3768)

Vulnerability from cvelistv5 – Published: 2005-11-23 00:00 – Updated: 2024-08-07 23:24

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://securitytracker.com/id?1015247	vdb-entryx_refsource_SECTRACK
	http://secunia.com/advisories/17684	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2005/2517	vdb-entryx_refsource_VUPEN
	http://securitytracker.com/id?1015249	vdb-entryx_refsource_SECTRACK
	http://securityresponse.symantec.com/avcenter/sec…	x_refsource_CONFIRM
	http://securitytracker.com/id?1015248	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:24:36.178Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1015247",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015247"
          },
          {
            "name": "17684",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17684"
          },
          {
            "name": "ADV-2005-2517",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2005/2517"
          },
          {
            "name": "1015249",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015249"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
          },
          {
            "name": "1015248",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015248"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-11-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-26T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1015247",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015247"
        },
        {
          "name": "17684",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17684"
        },
        {
          "name": "ADV-2005-2517",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2005/2517"
        },
        {
          "name": "1015249",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015249"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
        },
        {
          "name": "1015248",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015248"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3768",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1015247",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015247"
            },
            {
              "name": "17684",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17684"
            },
            {
              "name": "ADV-2005-2517",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2005/2517"
            },
            {
              "name": "1015249",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015249"
            },
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html",
              "refsource": "CONFIRM",
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
            },
            {
              "name": "1015248",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015248"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3768",
    "datePublished": "2005-11-23T00:00:00",
    "dateReserved": "2005-11-22T00:00:00",
    "dateUpdated": "2024-08-07T23:24:36.178Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*\", \"matchCriteriaId\": \"F66D6BB6-2355-4644-8A18-725F9E970EA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows:*:*:*:*:*\", \"matchCriteriaId\": \"055150B1-5B11-48D1-932C-26C85DF44E07\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E5851263-81A6-40AE-8486-E919D5279CC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E0D3199-365E-4D26-8D23-6492832EF096\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F982965-056D-4253-9CEA-31424AF4B55F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EF372CA-8FC2-47DD-A3A1-E437CC7D80CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:gateway_security_5000_series:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2362A590-7443-4E50-8F8F-D89165B4F2C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:gateway_security_5100:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F82B2D6F-EF56-4B62-9784-CF826AC480CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EDDB133-A6C8-45B4-9988-3D3D2F3952E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:gateway_security_5310:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"77DA55C0-AD93-429D-AC52-E1E0F35C25D4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DA896DF0-76AD-4CEE-9FE0-5E6758FC9A68\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.\"}]",
      "id": "CVE-2005-3768",
      "lastModified": "2024-11-21T00:02:38.070",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": true, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2005-11-23T00:03:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/17684\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1015247\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://securitytracker.com/id?1015248\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://securitytracker.com/id?1015249\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2517\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/17684\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1015247\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://securitytracker.com/id?1015248\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://securitytracker.com/id?1015249\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2005/2517\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2005-3768\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2005-11-23T00:03:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":true,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*\",\"matchCriteriaId\":\"F66D6BB6-2355-4644-8A18-725F9E970EA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows:*:*:*:*:*\",\"matchCriteriaId\":\"055150B1-5B11-48D1-932C-26C85DF44E07\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5851263-81A6-40AE-8486-E919D5279CC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E0D3199-365E-4D26-8D23-6492832EF096\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F982965-056D-4253-9CEA-31424AF4B55F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EF372CA-8FC2-47DD-A3A1-E437CC7D80CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:gateway_security_5000_series:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2362A590-7443-4E50-8F8F-D89165B4F2C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:gateway_security_5100:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F82B2D6F-EF56-4B62-9784-CF826AC480CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EDDB133-A6C8-45B4-9988-3D3D2F3952E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:gateway_security_5310:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"77DA55C0-AD93-429D-AC52-E1E0F35C25D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DA896DF0-76AD-4CEE-9FE0-5E6758FC9A68\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/17684\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1015247\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://securitytracker.com/id?1015248\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://securitytracker.com/id?1015249\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2005/2517\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/17684\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1015247\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://securitytracker.com/id?1015248\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://securitytracker.com/id?1015249\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2005/2517\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

GHSA-382C-GF8C-2JC8

Vulnerability from github – Published: 2022-05-01 02:20 – Updated: 2022-05-01 02:20

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2005-3768"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2005-11-23T00:03:00Z",
    "severity": "HIGH"
  },
  "details": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.",
  "id": "GHSA-382c-gf8c-2jc8",
  "modified": "2022-05-01T02:20:58Z",
  "published": "2022-05-01T02:20:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2005-3768"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/17684"
    },
    {
      "type": "WEB",
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015247"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015248"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015249"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2005/2517"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2005-3768

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2005-3768

Aliases

CVE-2005-3768

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2005-3768",
    "description": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.",
    "id": "GSD-2005-3768"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2005-3768"
      ],
      "details": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.",
      "id": "GSD-2005-3768",
      "modified": "2023-12-13T01:20:13.026103Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2005-3768",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1015247",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015247"
          },
          {
            "name": "17684",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/17684"
          },
          {
            "name": "ADV-2005-2517",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2005/2517"
          },
          {
            "name": "1015249",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015249"
          },
          {
            "name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html",
            "refsource": "CONFIRM",
            "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
          },
          {
            "name": "1015248",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015248"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5310:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5000_series:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5100:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3768"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
            },
            {
              "name": "1015249",
              "refsource": "SECTRACK",
              "tags": [
                "Patch"
              ],
              "url": "http://securitytracker.com/id?1015249"
            },
            {
              "name": "1015248",
              "refsource": "SECTRACK",
              "tags": [
                "Patch"
              ],
              "url": "http://securitytracker.com/id?1015248"
            },
            {
              "name": "1015247",
              "refsource": "SECTRACK",
              "tags": [
                "Patch"
              ],
              "url": "http://securitytracker.com/id?1015247"
            },
            {
              "name": "17684",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/17684"
            },
            {
              "name": "ADV-2005-2517",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2005/2517"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": true,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2011-03-08T02:27Z",
      "publishedDate": "2005-11-23T00:03Z"
    }
  }
}

FKIE_CVE-2005-3768

Vulnerability from fkie_nvd - Published: 2005-11-23 00:03 - Updated: 2025-04-03 01:03

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/17684	Patch, Vendor Advisory
cve@mitre.org	http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html	Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1015247	Patch
cve@mitre.org	http://securitytracker.com/id?1015248	Patch
cve@mitre.org	http://securitytracker.com/id?1015249	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2005/2517
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17684	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015247	Patch
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015248	Patch
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015249	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2005/2517

Impacted products

Vendor	Product	Version
symantec	enterprise_firewall	8.0
symantec	enterprise_firewall	8.0
symantec	firewall_vpn_appliance_100	*
symantec	firewall_vpn_appliance_200	*
symantec	gateway_security_300	2.0
symantec	gateway_security_400	2.0
symantec	gateway_security_5000_series	3.0
symantec	gateway_security_5100	*
symantec	gateway_security_5300	1.0
symantec	gateway_security_5310	1.0
symantec	gateway_security_5400	2.0.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "F66D6BB6-2355-4644-8A18-725F9E970EA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows:*:*:*:*:*",
              "matchCriteriaId": "055150B1-5B11-48D1-932C-26C85DF44E07",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5851263-81A6-40AE-8486-E919D5279CC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E0D3199-365E-4D26-8D23-6492832EF096",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F982965-056D-4253-9CEA-31424AF4B55F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EF372CA-8FC2-47DD-A3A1-E437CC7D80CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:symantec:gateway_security_5000_series:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2362A590-7443-4E50-8F8F-D89165B4F2C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:symantec:gateway_security_5100:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F82B2D6F-EF56-4B62-9784-CF826AC480CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EDDB133-A6C8-45B4-9988-3D3D2F3952E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:symantec:gateway_security_5310:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "77DA55C0-AD93-429D-AC52-E1E0F35C25D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA896DF0-76AD-4CEE-9FE0-5E6758FC9A68",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."
    }
  ],
  "id": "CVE-2005-3768",
  "lastModified": "2025-04-03T01:03:51.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-11-23T00:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17684"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015247"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015248"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015249"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2005/2517"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17684"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015247"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015248"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015249"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2005/2517"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-200511-0288

Vulnerability from variot - Updated: 2023-12-18 10:59

Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. Gateway Security 400 is prone to a denial-of-service vulnerability.

For more information: SA17553

Several other bugs have also been fixed in this update.

The vulnerability is caused due to errors in the processing of IKEv1 Phase 1 protocol exchange messages. This can be exploited to cause a DoS. * Cisco IOS versions based on 12.2SXD, 12.3T, 12.4 and 12.4T * Cisco PIX Firewall versions up to but not including 6.3(5) * Cisco PIX Firewall/ASA versions up to but not including 7.0.1.4 * Cisco Firewall Services Module (FWSM) versions up to but not including 2.3(3) * Cisco VPN 3000 Series Concentrators versions up to but not including 4.1(7)H and 4.7(2)B * Cisco MDS Series SanOS versions up to but not including 2.1(2)

Note: For Cisco IOS, only images that contain the Crypto Feature Set are vulnerable.

SOLUTION: See patch matrix in vendor advisory for information about fixes. http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml#software

PROVIDED AND/OR DISCOVERED BY: Oulu University Secure Programming Group (OUSPG) .

For more information: SA17553

Successful exploitation reportedly requires that the attacker is able to perform a full IKE negotiation with the affected system and requires authentication. * VPN-1/Firewall-1 NG with AI R54 prior to HFA_417. * VPN-1/Firewall-1 NG with AI R55 prior to HFA_16. * VPN-1/Firewall-1 NG with AI R55W prior to HFA_04. * VPN-1/Firewall-1 NG with AI R55P prior to HFA_06. * VPN-1 Pro NGX R60 prior to HFA_01. * Check Point Express CI R57. * Firewall-1 GX 3.0.

SOLUTION: Install the latest HFA (HotFix Accumulator).

Note: A fix will reportedly not be released for NG FP3. The vendor recommends upgrading to a recent version, and to the most recent HFA of this version.

The vendor reportedly will release hotfixes for Check Point Express CI and Firewall-1 GX 3.0 at a later date.

The vulnerability is related to: SA17553

SOLUTION: Refer to the original advisory from Nortel Networks for instructions how to apply fixes.

The vulnerability is related to: SA17553

Successful exploitation requires a weak racoon configuration (e.g. no lifetime proposal or obey mode), and using 3DES/SHA1/DH2.

TITLE: Symantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of Service

SECUNIA ADVISORY ID: SA17684

VERIFY ADVISORY: http://secunia.com/advisories/17684/

CRITICAL: Moderately critical

IMPACT: DoS

WHERE:

From remote

OPERATING SYSTEM: Symantec Gateway Security 400 Series http://secunia.com/product/6175/ Symantec Gateway Security 300 Series http://secunia.com/product/6176/ Symantec Gateway Security 3.x http://secunia.com/product/6177/ Symantec Gateway Security 2.x http://secunia.com/product/3104/ Symantec Gateway Security 1.x http://secunia.com/product/876/ Symantec Firewall/VPN Appliance 100/200/200R http://secunia.com/product/552/

SOFTWARE: Symantec Enterprise Firewall (SEF) 8.x http://secunia.com/product/3587/

DESCRIPTION: Symantec has acknowledged a vulnerability in various Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service).

For more information: SA17553

Successful exploitation causes a DoS of the dynamic VPN services.

The vulnerability has been reported in the following products. * Symantec Enterprise Firewall version 8.0 (Windows) * Symantec Enterprise Firewall version 8.0 (Solaris) * Symantec Gateway Security 5000 Series version 3.0 * Symantec Gateway Security 5400 version 2.0.1 * Symantec Gateway Security 5310 version 1.0 * Symantec Gateway Security 5200/5300 version 1.0 * Symantec Gateway Security 5100 * Symantec Gateway Security 400 version 2.0 * Symantec Gateway Security 300 version 2.0 * Symantec Firewall /VPN Appliance 200/200R * Symantec Firewall /VPN Appliance 100

SOLUTION: Apply hotfixes.

Symantec Enterprise Firewall version 8.0 (Windows): Apply SEF8.0-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html

Symantec Enterprise Firewall version 8.0 (Solaris): Apply SEF8.0-20051114-00. http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html

Symantec Gateway Security 5000 Series version 3.0: Apply SGS3.0-2005114-02. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html

Symantec Gateway Security 400 version 2.0: Update to build 1103. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html

Symantec Gateway Security 300 version 2.0: Update to build 1103. http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html

Symantec Firewall /VPN Appliance 200/200R: Update to build 1.8F. http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html

Symantec Firewall /VPN Appliance 100: Update to build 1.8F. http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html

ORIGINAL ADVISORY: Symantec: http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html

OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200511-0288",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "gateway security 300",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "2.0"
      },
      {
        "model": "gateway security 5310",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "1.0"
      },
      {
        "model": "gateway security 5300",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "1.0"
      },
      {
        "model": "enterprise firewall",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "8.0"
      },
      {
        "model": "gateway security 5000 series",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "3.0"
      },
      {
        "model": "gateway security 400",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "symantec",
        "version": "2.0"
      },
      {
        "model": "firewall vpn appliance 200",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "*"
      },
      {
        "model": "gateway security 5400",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "2.0.1"
      },
      {
        "model": "firewall vpn appliance 100",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "*"
      },
      {
        "model": "gateway security 5100",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "symantec",
        "version": "*"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "check point",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "fortinet",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "hewlett packard",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "nortel",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "openswan linux ipsec",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "qnx",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "stonesoft",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": null
      },
      {
        "model": "firewall vpn appliance 100",
        "scope": null,
        "trust": 0.6,
        "vendor": "symantec",
        "version": null
      },
      {
        "model": "firewall vpn appliance 200",
        "scope": null,
        "trust": 0.6,
        "vendor": "symantec",
        "version": null
      },
      {
        "model": "gateway security 5100",
        "scope": null,
        "trust": 0.6,
        "vendor": "symantec",
        "version": null
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "54002.0.1"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "53101.0"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "53001.0"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "5100"
      },
      {
        "model": "gateway security series",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "50003.0"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "4002.0"
      },
      {
        "model": "gateway security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "3002.0"
      },
      {
        "model": "firewall/vpn appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "200"
      },
      {
        "model": "firewall/vpn appliance",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "100"
      },
      {
        "model": "enterprise firewall solaris",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.0"
      },
      {
        "model": "enterprise firewall windows",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "symantec",
        "version": "8.0"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "db": "BID",
        "id": "89215"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3768"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-338"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5310:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5400:2.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5000_series:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:symantec:gateway_security_5100:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3768"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Secunia",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "41982"
      },
      {
        "db": "PACKETSTORM",
        "id": "41515"
      },
      {
        "db": "PACKETSTORM",
        "id": "41614"
      },
      {
        "db": "PACKETSTORM",
        "id": "41586"
      },
      {
        "db": "PACKETSTORM",
        "id": "41791"
      },
      {
        "db": "PACKETSTORM",
        "id": "41739"
      },
      {
        "db": "PACKETSTORM",
        "id": "41734"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2005-3768",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": true,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-14976",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2005-3768",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CARNEGIE MELLON",
            "id": "VU#226364",
            "trust": 0.8,
            "value": "16.54"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200511-338",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-14976",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14976"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3768"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-338"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. Gateway Security 400 is prone to a denial-of-service vulnerability. \n\nFor more information:\nSA17553\n\nSeveral other bugs have also been fixed in this update. \r\n\r\nThe vulnerability is caused due to errors in the processing of IKEv1\nPhase 1 protocol exchange messages. This can be exploited to cause a\nDoS. \r\n* Cisco IOS versions based on 12.2SXD, 12.3T, 12.4 and 12.4T\r\n* Cisco PIX Firewall versions up to but not including 6.3(5)\r\n* Cisco PIX Firewall/ASA versions up to but not including 7.0.1.4\r\n* Cisco Firewall Services Module (FWSM) versions up to but not\nincluding 2.3(3)\r\n* Cisco VPN 3000 Series Concentrators versions up to but not\nincluding 4.1(7)H and 4.7(2)B\r\n* Cisco MDS Series SanOS versions up to but not including 2.1(2)\r\n\r\nNote: For Cisco IOS, only images that contain the Crypto Feature Set\nare vulnerable. \n\nSOLUTION:\nSee patch matrix in vendor advisory for information about fixes. \r\nhttp://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nOulu University Secure Programming Group (OUSPG) . \n\nFor more information:\nSA17553\n\nSuccessful exploitation reportedly requires that the attacker is able\nto perform a full IKE negotiation with the affected system and\nrequires authentication. \n* VPN-1/Firewall-1 NG with AI R54 prior to HFA_417. \n* VPN-1/Firewall-1 NG with AI R55 prior to HFA_16. \n* VPN-1/Firewall-1 NG with AI R55W prior to HFA_04. \n* VPN-1/Firewall-1 NG with AI R55P prior to HFA_06. \n* VPN-1 Pro NGX R60 prior to HFA_01. \n* Check Point Express CI R57. \n* Firewall-1 GX 3.0. \n\nSOLUTION:\nInstall the latest HFA (HotFix Accumulator). \n\nNote: A fix will reportedly not be released for NG FP3. The vendor\nrecommends upgrading to a recent version, and to the most recent HFA\nof this version. \n\nThe vendor reportedly will release hotfixes for Check Point Express\nCI and Firewall-1 GX 3.0 at a later date. \r\n\r\nThe vulnerability is related to:\r\nSA17553\n\nSOLUTION:\nRefer to the original advisory from Nortel Networks for instructions\nhow to apply fixes. \n\nThe vulnerability is related to:\nSA17553\n\nSuccessful exploitation requires a weak racoon configuration (e.g. no\nlifetime proposal or obey mode), and using 3DES/SHA1/DH2. \n\nTITLE:\nSymantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of\nService\n\nSECUNIA ADVISORY ID:\nSA17684\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17684/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nSymantec Gateway Security 400 Series\nhttp://secunia.com/product/6175/\nSymantec Gateway Security 300 Series\nhttp://secunia.com/product/6176/\nSymantec Gateway Security 3.x\nhttp://secunia.com/product/6177/\nSymantec Gateway Security 2.x\nhttp://secunia.com/product/3104/\nSymantec Gateway Security 1.x\nhttp://secunia.com/product/876/\nSymantec Firewall/VPN Appliance 100/200/200R\nhttp://secunia.com/product/552/\n\nSOFTWARE:\nSymantec Enterprise Firewall (SEF) 8.x\nhttp://secunia.com/product/3587/\n\nDESCRIPTION:\nSymantec has acknowledged a vulnerability in various Symantec\nproducts, which can be exploited by malicious people to cause a DoS\n(Denial of Service). \n\nFor more information:\nSA17553\n\nSuccessful exploitation causes a DoS of the dynamic VPN services. \n\nThe vulnerability has been reported in the following products. \n* Symantec Enterprise Firewall version 8.0 (Windows)\n* Symantec Enterprise Firewall version 8.0 (Solaris)\n* Symantec Gateway Security 5000 Series version 3.0\n* Symantec Gateway Security 5400 version 2.0.1\n* Symantec Gateway Security 5310 version 1.0\n* Symantec Gateway Security 5200/5300 version 1.0\n* Symantec Gateway Security 5100\n* Symantec Gateway Security 400 version 2.0\n* Symantec Gateway Security 300\tversion 2.0\n* Symantec Firewall /VPN Appliance 200/200R\n* Symantec Firewall /VPN Appliance 100\n\nSOLUTION:\nApply hotfixes. \n\nSymantec Enterprise Firewall version 8.0 (Windows):\nApply SEF8.0-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html\n\nSymantec Enterprise Firewall version 8.0 (Solaris):\nApply SEF8.0-20051114-00. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html\n\nSymantec Gateway Security 5000 Series version 3.0:\nApply SGS3.0-2005114-02. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html\n\nSymantec Gateway Security 400 version 2.0:\nUpdate to build 1103. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html\n\nSymantec Gateway Security 300 version 2.0:\nUpdate to build 1103. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html\n\nSymantec Firewall /VPN Appliance 200/200R:\nUpdate to build 1.8F. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html\n\nSymantec Firewall /VPN Appliance 100:\nUpdate to build 1.8F. \nhttp://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html\n\nORIGINAL ADVISORY:\nSymantec:\nhttp://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html\n\nOTHER REFERENCES:\nSA17553:\nhttp://secunia.com/advisories/17553/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3768"
      },
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "db": "BID",
        "id": "89215"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14976"
      },
      {
        "db": "PACKETSTORM",
        "id": "41982"
      },
      {
        "db": "PACKETSTORM",
        "id": "41515"
      },
      {
        "db": "PACKETSTORM",
        "id": "41614"
      },
      {
        "db": "PACKETSTORM",
        "id": "41586"
      },
      {
        "db": "PACKETSTORM",
        "id": "41791"
      },
      {
        "db": "PACKETSTORM",
        "id": "41739"
      },
      {
        "db": "PACKETSTORM",
        "id": "41734"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "SECUNIA",
        "id": "17684",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1015247",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1015249",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1015248",
        "trust": 2.0
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3768",
        "trust": 2.0
      },
      {
        "db": "VUPEN",
        "id": "ADV-2005-2517",
        "trust": 1.7
      },
      {
        "db": "SECUNIA",
        "id": "17621",
        "trust": 0.9
      },
      {
        "db": "SECUNIA",
        "id": "17663",
        "trust": 0.9
      },
      {
        "db": "SECUNIA",
        "id": "17838",
        "trust": 0.9
      },
      {
        "db": "SECUNIA",
        "id": "17553",
        "trust": 0.9
      },
      {
        "db": "SECUNIA",
        "id": "17608",
        "trust": 0.9
      },
      {
        "db": "SECUNIA",
        "id": "17668",
        "trust": 0.9
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2005.0924",
        "trust": 0.8
      },
      {
        "db": "CERT/CC",
        "id": "VU#226364",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-338",
        "trust": 0.7
      },
      {
        "db": "BID",
        "id": "89215",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-14976",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "41982",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "41515",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "41614",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "41586",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "41791",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "41739",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "41734",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14976"
      },
      {
        "db": "BID",
        "id": "89215"
      },
      {
        "db": "PACKETSTORM",
        "id": "41982"
      },
      {
        "db": "PACKETSTORM",
        "id": "41515"
      },
      {
        "db": "PACKETSTORM",
        "id": "41614"
      },
      {
        "db": "PACKETSTORM",
        "id": "41586"
      },
      {
        "db": "PACKETSTORM",
        "id": "41791"
      },
      {
        "db": "PACKETSTORM",
        "id": "41739"
      },
      {
        "db": "PACKETSTORM",
        "id": "41734"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3768"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-338"
      }
    ]
  },
  "id": "VAR-200511-0288",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-14976"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T10:59:11.793000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2005-3768"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://securityresponse.symantec.com/avcenter/security/content/2005.11.21.html"
      },
      {
        "trust": 2.0,
        "url": "http://securitytracker.com/id?1015247"
      },
      {
        "trust": 2.0,
        "url": "http://securitytracker.com/id?1015248"
      },
      {
        "trust": 2.0,
        "url": "http://securitytracker.com/id?1015249"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/17684"
      },
      {
        "trust": 1.5,
        "url": "http://secunia.com/advisories/17553/"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2005/2517"
      },
      {
        "trust": 0.9,
        "url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/17608/"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/17621/"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/17684/"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/17668/"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/17663/"
      },
      {
        "trust": 0.9,
        "url": "http://secunia.com/advisories/17838/"
      },
      {
        "trust": 0.8,
        "url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp"
      },
      {
        "trust": 0.8,
        "url": "http://www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-82.htm"
      },
      {
        "trust": 0.8,
        "url": "http://www.auscert.org.au/5748"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/niscc/niscc-273756/index.html"
      },
      {
        "trust": 0.7,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.7,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.7,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2005/2517"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5625/"
      },
      {
        "trust": 0.1,
        "url": "http://www.astaro.org/showflat.php?cat=\u0026number=63958\u0026page=0\u0026view=collapsed\u0026sb=5\u0026o=\u0026fpart=1#63958"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/90/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/50/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6102/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/706/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/182/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/56/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml#software"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5088/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6101/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2273/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3214/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/59/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/89/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6148/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6010/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6149/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2542/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6124/"
      },
      {
        "trust": 0.1,
        "url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=bltndetail\u0026documentoid=367651\u0026renditionid="
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6125/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6126/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2576/"
      },
      {
        "trust": 0.1,
        "url": "https://clientweb.clavister.com/"
      },
      {
        "trust": 0.1,
        "url": "http://www.clavister.com/support/support_update_isakmp.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6205/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3352/"
      },
      {
        "trust": 0.1,
        "url": "http://sourceforge.net/project/showfiles.php?group_id=74601\u0026package_id=74949\u0026release_id=372605"
      },
      {
        "trust": 0.1,
        "url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9017454\u0026forum_id=32000"
      },
      {
        "trust": 0.1,
        "url": "http://sourceforge.net/project/shownotes.php?release_id=372605\u0026group_id=74601"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3104/"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6177/"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3587/"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6175/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/6176/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/552/"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/876/"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html"
      },
      {
        "trust": 0.1,
        "url": "http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14976"
      },
      {
        "db": "BID",
        "id": "89215"
      },
      {
        "db": "PACKETSTORM",
        "id": "41982"
      },
      {
        "db": "PACKETSTORM",
        "id": "41515"
      },
      {
        "db": "PACKETSTORM",
        "id": "41614"
      },
      {
        "db": "PACKETSTORM",
        "id": "41586"
      },
      {
        "db": "PACKETSTORM",
        "id": "41791"
      },
      {
        "db": "PACKETSTORM",
        "id": "41739"
      },
      {
        "db": "PACKETSTORM",
        "id": "41734"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3768"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-338"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "db": "VULHUB",
        "id": "VHN-14976"
      },
      {
        "db": "BID",
        "id": "89215"
      },
      {
        "db": "PACKETSTORM",
        "id": "41982"
      },
      {
        "db": "PACKETSTORM",
        "id": "41515"
      },
      {
        "db": "PACKETSTORM",
        "id": "41614"
      },
      {
        "db": "PACKETSTORM",
        "id": "41586"
      },
      {
        "db": "PACKETSTORM",
        "id": "41791"
      },
      {
        "db": "PACKETSTORM",
        "id": "41739"
      },
      {
        "db": "PACKETSTORM",
        "id": "41734"
      },
      {
        "db": "NVD",
        "id": "CVE-2005-3768"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-338"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2005-11-17T00:00:00",
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "date": "2005-11-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-14976"
      },
      {
        "date": "2005-11-22T00:00:00",
        "db": "BID",
        "id": "89215"
      },
      {
        "date": "2005-12-01T18:48:38",
        "db": "PACKETSTORM",
        "id": "41982"
      },
      {
        "date": "2005-11-15T06:02:23",
        "db": "PACKETSTORM",
        "id": "41515"
      },
      {
        "date": "2005-11-19T21:56:12",
        "db": "PACKETSTORM",
        "id": "41614"
      },
      {
        "date": "2005-11-19T21:56:12",
        "db": "PACKETSTORM",
        "id": "41586"
      },
      {
        "date": "2005-11-30T04:03:08",
        "db": "PACKETSTORM",
        "id": "41791"
      },
      {
        "date": "2005-11-22T18:19:46",
        "db": "PACKETSTORM",
        "id": "41739"
      },
      {
        "date": "2005-11-22T18:19:46",
        "db": "PACKETSTORM",
        "id": "41734"
      },
      {
        "date": "2005-11-23T00:03:00",
        "db": "NVD",
        "id": "CVE-2005-3768"
      },
      {
        "date": "2005-11-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200511-338"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-01-03T00:00:00",
        "db": "CERT/CC",
        "id": "VU#226364"
      },
      {
        "date": "2011-03-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-14976"
      },
      {
        "date": "2005-11-22T00:00:00",
        "db": "BID",
        "id": "89215"
      },
      {
        "date": "2011-03-08T02:27:06.437000",
        "db": "NVD",
        "id": "CVE-2005-3768"
      },
      {
        "date": "2005-11-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200511-338"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-338"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#226364"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200511-338"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2005-3768 (GCVE-0-2005-3768)

GHSA-382C-GF8C-2JC8

GSD-2005-3768

FKIE_CVE-2005-3768

VAR-200511-0288

Tags

Sightings

Nomenclature