Cisco IOS Unauthorized Security Association Establishment Vulnerability
BID:13033
Info
| Bugtraq ID: | 13033 |
| Class: | Race Condition Error |
| CVE: | CVE-2005-1058 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 06 2005 12:00AM |
| Updated: | Jul 12 2009 11:57AM |
| Credit: | This issue was announced by the vendor. |
| Vulnerable: | Cisco IOS 12.3YK, Cisco IOS 12.3YJ, Cisco IOS 12.3YI, Cisco IOS 12.3YH, Cisco IOS 12.3YG, Cisco IOS 12.3YF, Cisco IOS 12.3YD, Cisco IOS 12.3YC, Cisco IOS 12.3YA, Cisco IOS 12.3XY, Cisco IOS 12.3XX, Cisco IOS 12.3XW, Cisco IOS 12.3XU, Cisco IOS 12.3XT, Cisco IOS 12.3XS, Cisco IOS 12.3XR, Cisco IOS 12.3XQ, Cisco IOS 12.3XN, Cisco IOS 12.3XM, Cisco IOS 12.3XL, Cisco IOS 12.3XK, Cisco IOS 12.3XJ, Cisco IOS 12.3XI, Cisco IOS 12.3XH, Cisco IOS 12.3XG, Cisco IOS 12.3XF, Cisco IOS 12.3XE, Cisco IOS 12.3XD, Cisco IOS 12.3XC, Cisco IOS 12.3XB, Cisco IOS 12.3XA, Cisco IOS 12.3T, Cisco IOS 12.3BW, Cisco IOS 12.3BC, Cisco IOS 12.3B, Cisco IOS 12.3, Cisco IOS 12.2ZP, Cisco IOS 12.2ZN, Cisco IOS 12.2ZL, Cisco IOS 12.2ZK, Cisco IOS 12.2ZJ, Cisco IOS 12.2ZH, Cisco IOS 12.2ZG, Cisco IOS 12.2ZF, Cisco IOS 12.2ZE, Cisco IOS 12.2ZD, Cisco IOS 12.2ZC, Cisco IOS 12.2ZB, Cisco IOS 12.2YY, Cisco IOS 12.2YX, Cisco IOS 12.2YW, Cisco IOS 12.2YV, Cisco IOS 12.2YU, Cisco IOS 12.2YT, Cisco IOS 12.2YR, Cisco IOS 12.2YQ, Cisco IOS 12.2YP, Cisco IOS 12.2YN, Cisco IOS 12.2YM, Cisco IOS 12.2YL, Cisco IOS 12.2YJ, Cisco IOS 12.2YH, Cisco IOS 12.2YG, Cisco IOS 12.2YF, Cisco IOS 12.2YD, Cisco IOS 12.2YB, Cisco IOS 12.2YA, Cisco IOS 12.2XZ, Cisco IOS 12.2XW, Cisco IOS 12.2XM, Cisco IOS 12.2XL, Cisco IOS 12.2XK, Cisco IOS 12.2XJ, Cisco IOS 12.2T, Cisco IOS 12.2SY, Cisco IOS 12.2SXD, Cisco IOS 12.2SXB, Cisco IOS 12.2SXA, Cisco IOS 12.2SX, Cisco IOS 12.2SU, Cisco IOS 12.2JK, Cisco IOS 12.2CZ, Cisco IOS 12.2CY, Cisco IOS 12.2CX, Cisco IOS 12.2BZ, Cisco IOS 12.2BY, Cisco IOS 12.2BX, Cisco IOS 12.2BC, Cisco IOS 12.2B, Cisco IOS 12.2 |
| Not Vulnerable: | |
Discussion
Cisco IOS is prone to an issue related to XAUTH and ISAKMP profiles that may allow a malicious VPN client to gain unauthorized access to a VPN.
The vulnerability occurs when attributes in an ISAKMP profile that have been assigned to a remote peer are not processed. This presents a window of opportunity for the remote client to initiate Phase 2 IKE negotiation and cause an unauthorized IPSec SA (Security Association) to be established.
It is noted that the vulnerability only affects those ISAKMP profiles that are matched by pre-configured certificate maps.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Cisco has provided a fix matrix for IOS in the attached advisory. Please refer to the advisory for further information. Cisco fixes may be obtained by customers through the regular update channels.