Published: 06/03/2008 Updated: 03/02/2022

CVSS v2 Base Score: 7.1 | Impact Score: 6.9 | Exploitability Score: 8.6

VMScore: 632

Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N

The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote malicious users to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat enterprise linux 4.0
redhat enterprise linux 3.0
redhat enterprise linux 5.0

Synopsis Low: initscripts security and bug fix update Type/Severity Security Advisory: Low Topic An updated initscripts package that fixes one security issue and four bugsis now available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having lowsecurity impact A ...

NVD-CWE-noinfo http://www.ernw.de/download/pskattack.pdf https://bugzilla.redhat.com/show_bug.cgi?id=435274 http://www.securitytracker.com/id?1019563 https://exchange.xforce.ibmcloud.com/vulnerabilities/41053 http://secunia.com/advisories/48045 https://access.redhat.com/errata/RHSA-2012:0312 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-1198

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect