CVE-2005-3671
Summary
| CVE | CVE-2005-3671 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2005-11-18 21:03:00 UTC |
| Updated | 2019-07-29 14:24:00 UTC |
| Description | The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Frees Wan | Frees Wan | 2.04 | All | All | All |
| Application | Frees Wan | Frees Wan | 2.04 | All | All | All |
| Application | Openswan | Openswan | 2.1.1 | All | All | All |
| Application | Openswan | Openswan | 2.1.2 | All | All | All |
| Application | Openswan | Openswan | 2.1.4 | All | All | All |
| Application | Openswan | Openswan | 2.1.5 | All | All | All |
| Application | Openswan | Openswan | 2.1.6 | All | All | All |
| Application | Openswan | Openswan | 2.2 | All | All | All |
| Application | Openswan | Openswan | 2.3 | All | All | All |
| Application | Openswan | Openswan | 2.1.1 | All | All | All |
| Application | Openswan | Openswan | 2.1.2 | All | All | All |
| Application | Openswan | Openswan | 2.1.4 | All | All | All |
| Application | Openswan | Openswan | 2.1.5 | All | All | All |
| Application | Openswan | Openswan | 2.1.6 | All | All | All |
| Application | Openswan | Openswan | 2.2 | All | All | All |
| Application | Openswan | Openswan | 2.3 | All | All | All |
| Application | Xelerance | Openswan | 2.4.0 | All | All | All |
| Application | Xelerance | Openswan | 2.4.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp | MISC | www.ee.oulu.fi | Exploit |
| Openswan: | CONFIRM | www.openswan.org | Patch, Vendor Advisory |
| Secunia - Advisories - Openswan ISAKMP IKE Message Processing Denial of Service | SECUNIA | secunia.com | |
| NISCC-273756: ISAKMP プロトコルの実装に複数の脆弱性 | MISC | jvn.jp | |
| 20051213 Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation | BUGTRAQ | archives.neohapsis.com | |
| Secunia - Advisories - SUSE update for ipsec-tools / freeswan / openswan | SECUNIA | secunia.com | |
| Neohapsis Archives - Bugtraq - #0161 - Re: [ GLSA 200512-04 ] Openswan, IPsec-Tools: Vulnerabilities in ISAK MP Protocol implementation | BUGTRAQ | archives.neohapsis.com | |
| SecurityTracker.com Archives - Openswan IKE Processing Lets Remote Users Deny Service | SECTRACK | securitytracker.com | |
| Secunia - Advisories - Fedora update for openswan | SECUNIA | secunia.com | |
| Security Announcement | SUSE | www.novell.com | |
| Gentoo Linux Documentation -- Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation | GENTOO | www.gentoo.org | |
| [SECURITY] Fedora Core 4 Update: openswan-2.4.4-1.0.FC4.1 | FEDORA | www.redhat.com | |
| Openswan IKE Traffic Denial Of Service Vulnerabilities | BID | www.securityfocus.com | Patch |
| www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf | MISC | www.niscc.gov.uk | Vendor Advisory |
| [SECURITY] Fedora Core 3 Update: openswan-2.4.4-0.FC3.1 | FEDORA | www.redhat.com | |
| Secunia - Advisories - Gentoo update for openswan / ipsec-tools | SECUNIA | secunia.com | |
| US-CERT Vulnerability Note VU#226364 | CERT-VN | www.kb.cert.org | Third Party Advisory, US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.