CVE-2005-3671

Severity

78%

Complexity

99%

Confidentiality

115%

The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

CVSS 2.0 Base Score 7.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C).

Overview

First reported 19 years ago

2005-11-18 21:03:00

Last updated 5 years ago

2019-07-29 14:24:00

Affected Software

Xelerance Openswan 2.4.0

2.4.0

References

20051213 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation

20051214 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation

http://jvn.jp/niscc/NISCC-273756/index.html

17581

17680

17980

18115

1015214

http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/

Exploit

GLSA-200512-04

VU#226364

Third Party Advisory, US Government Resource

http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en

Vendor Advisory

SUSE-SA:2005:070

http://www.openswan.org/niscc2/

Patch, Vendor Advisory

FEDORA-2005-1092

FEDORA-2005-1093

15416

Patch

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.