Back to search
CVE-2005-3671
Published: Nov 18, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en
x_refsource_MISC
15416
vdb-entry
x_refsource_BID
FEDORA-2005-1093
vendor-advisory
x_refsource_FEDORA
1015214
vdb-entry
x_refsource_SECTRACK
17581
third-party-advisory
x_refsource_SECUNIA
20051214 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation
mailing-list
x_refsource_BUGTRAQ
http://jvn.jp/niscc/NISCC-273756/index.html
x_refsource_MISC
20051213 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation
mailing-list
x_refsource_BUGTRAQ
GLSA-200512-04
vendor-advisory
x_refsource_GENTOO
http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
x_refsource_MISC
VU#226364
third-party-advisory
x_refsource_CERT-VN
18115
third-party-advisory
x_refsource_SECUNIA
17680
third-party-advisory
x_refsource_SECUNIA
FEDORA-2005-1092
vendor-advisory
x_refsource_FEDORA
http://www.openswan.org/niscc2/
x_refsource_CONFIRM
17980
third-party-advisory
x_refsource_SECUNIA
SUSE-SA:2005:070
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now