Published: 06/04/2006 Updated: 05/09/2008

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in the Shoichi Sakane KAME Project racoon, as used by NetBSD 1.6, 2.x prior to 20060119, certain FreeBSD releases, and possibly other distributions of BSD or Linux operating systems, when running in aggressive mode, allows remote malicious users to cause a denial of service (daemon crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
internet key exchange internet key exchange 1

Multiple Cisco products contain vulnerabilities in the processing of IPSec IKE (Internet Key Exchange) messages These vulnerabilities were identified by the University of Oulu Secure Programming Group (OUSPG) "PROTOS" Test Suite for IPSec and can be repeatedly exploited to produce a denial of service Cisco has made free software availa ...

NVD-CWE-Other http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en http://mail-index.netbsd.org/source-changes/2006/01/19/0017.html ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2006-003.txt.asc http://secunia.com/advisories/19463 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20051114-ipsec

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-1646

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect