Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2005-3671

Published: 18/11/2005 Updated: 29/07/2019
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Subscribe to Openswan

Vulnerability Summary

The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) prior to 2.4.4, and freeswan in SUSE LINUX 9.1 prior to 2.04_1.5.4-1.23, allow remote malicious users to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

Vulnerable Product Search on Vulmon Subscribe to Product

openswan openswan 2.2

xelerance openswan 2.4.0

frees wan frees wan 2.04

openswan openswan 2.1.6

openswan openswan 2.3

openswan openswan 2.1.1

openswan openswan 2.1.2

openswan openswan 2.1.4

openswan openswan 2.1.5

Vendor Advisories

Cisco: Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
Multiple Cisco products contain vulnerabilities in the processing of IPSec IKE (Internet Key Exchange) messages These vulnerabilities were identified by the University of Oulu Secure Programming Group (OUSPG) "PROTOS" Test Suite for IPSec and can be repeatedly exploited to produce a denial of service Cisco has made free software availa ...

References

NVD-CWE-Otherhttp://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/http://www.openswan.org/niscc2/http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=enhttp://jvn.jp/niscc/NISCC-273756/index.htmlhttp://www.kb.cert.org/vuls/id/226364http://www.securityfocus.com/bid/15416http://securitytracker.com/id?1015214http://www.gentoo.org/security/en/glsa/glsa-200512-04.xmlhttp://archives.neohapsis.com/archives/bugtraq/2005-12/0138.htmlhttp://archives.neohapsis.com/archives/bugtraq/2005-12/0161.htmlhttp://www.novell.com/linux/security/advisories/2005_70_ipsec.htmlhttp://secunia.com/advisories/18115http://secunia.com/advisories/17581http://secunia.com/advisories/17980http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00057.htmlhttp://www.redhat.com/archives/fedora-announce-list/2005-November/msg00058.htmlhttp://secunia.com/advisories/17680https://nvd.nist.govhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20051114-ipsec
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4654CVE-2023-49606encryptionNULL pointer dereferenceCVE-2024-4439CVE-2024-4649race conditionCVE-2024-27202CVE-2024-34566
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook