VAR-200505-0128
Vulnerability from variot - Updated: 2023-12-18 14:02Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header. Multiple Nortel Networks products are prone to a remote denial of service vulnerability. The issue manifests when the affected appliance processes an IKE main packet (ISAKMP) header of a certain type. When the packet is processed, the vulnerability is triggered and the device crashes, effectively denying service for legitimate users. Nortel VPN routers provide routing, VPN, firewall, bandwidth management, encryption, authentication, and data integrity functions for secure connections over IP networks and the Internet. A denial of service vulnerability exists in the Nortel VPN router product (formerly known as Nortel Contivity) when performing VPN security tests on users
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200505-0128",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "4600_secure_ip_services_gateway"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.6,
"vendor": "nortel",
"version": "4500_secure_ip_services_gateway"
},
{
"model": "vpn router 1050",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "1500_vpn_switch"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "2000_vpn_switch"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "1600_secure_ip_services_gateway"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "2500_vpn_switch"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "2600_secure_ip_services_gateway"
},
{
"model": "vpn router 1010",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "1000_vpn_switch"
},
{
"model": "vpn router 1100",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "vpn router 1700",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "vpn router 1740",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "vpn router 2700",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "vpn router 600",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "contivity",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "4000_vpn_switch"
},
{
"model": "vpn router 5000",
"scope": "eq",
"trust": 1.0,
"vendor": "nortel",
"version": "*"
},
{
"model": "vpn router 1100",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 1050",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 1740",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 2700",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 5000",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 600",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 1700",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "vpn router 1010",
"scope": null,
"trust": 0.6,
"vendor": "nortel",
"version": null
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "6000"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "5000"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2700"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1740"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1700"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1100"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1050"
},
{
"model": "networks vpn router",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1010"
},
{
"model": "networks contivity secure ip services gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4600"
},
{
"model": "networks contivity secure ip services gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4500"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "4000"
},
{
"model": "networks contivity secure ip services gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2600"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2500"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "2000"
},
{
"model": "networks contivity secure ip services gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1600"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1500"
},
{
"model": "networks contivity vpn switch",
"scope": "eq",
"trust": 0.3,
"vendor": "nortel",
"version": "1000"
}
],
"sources": [
{
"db": "BID",
"id": "13792"
},
{
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:4500_secure_ip_services_gateway:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:4600_secure_ip_services_gateway:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_1010:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_1050:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:1000_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:1500_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:1600_secure_ip_services_gateway:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_600:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:2000_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:2600_secure_ip_services_gateway:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_1700:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_2700:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:2500_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:contivity:4000_vpn_switch:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_1100:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:h:nortel:vpn_router_1740:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1802"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Roy Hills\u203b Roy.Hills@nta-monitor.com",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
],
"trust": 0.6
},
"cve": "CVE-2005-1802",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-13011",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-1802",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200505-1218",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-13011",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13011"
},
{
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header. Multiple Nortel Networks products are prone to a remote denial of service vulnerability. \nThe issue manifests when the affected appliance processes an IKE main packet (ISAKMP) header of a certain type. \nWhen the packet is processed, the vulnerability is triggered and the device crashes, effectively denying service for legitimate users. Nortel VPN routers provide routing, VPN, firewall, bandwidth management, encryption, authentication, and data integrity functions for secure connections over IP networks and the Internet. A denial of service vulnerability exists in the Nortel VPN router product (formerly known as Nortel Contivity) when performing VPN security tests on users",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"db": "BID",
"id": "13792"
},
{
"db": "VULHUB",
"id": "VHN-13011"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "13792",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2005-1802",
"trust": 2.0
},
{
"db": "SECTRACK",
"id": "1014068",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1218",
"trust": 0.7
},
{
"db": "BUGTRAQ",
"id": "20050531 NORTEL VPN ROUTER MALFORMED PACKET DOS VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-13011",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13011"
},
{
"db": "BID",
"id": "13792"
},
{
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"id": "VAR-200505-0128",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-13011"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T14:02:50.081000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-1802"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/13792"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/archive/1/399423"
},
{
"trust": 1.7,
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1014068"
},
{
"trust": 0.3,
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?level=6\u0026category=29\u0026subcategory=1\u0026documentoid=328562"
},
{
"trust": 0.3,
"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/index.htm"
},
{
"trust": 0.3,
"url": "/archive/1/401129"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-13011"
},
{
"db": "BID",
"id": "13792"
},
{
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-13011"
},
{
"db": "BID",
"id": "13792"
},
{
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-05-27T00:00:00",
"db": "VULHUB",
"id": "VHN-13011"
},
{
"date": "2005-05-27T00:00:00",
"db": "BID",
"id": "13792"
},
{
"date": "2005-05-27T04:00:00",
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"date": "2005-05-27T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-13011"
},
{
"date": "2009-07-12T14:56:00",
"db": "BID",
"id": "13792"
},
{
"date": "2008-09-05T20:50:08.417000",
"db": "NVD",
"id": "CVE-2005-1802"
},
{
"date": "2005-10-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nortel VPN Router malformed packet denial of service vulnerability",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200505-1218"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…