IETF IPSEC Protocol Encapsulating Security Payload Vulnerability

BID:13562

Info

IETF IPSEC Protocol Encapsulating Security Payload Vulnerability

Bugtraq ID: 13562
Class: Design Error
CVE: CVE-2005-0039
Remote: Yes
Local: No
Published: May 09 2005 12:00AM
Updated: Jul 12 2009 02:06PM
Credit: These attacks were reported by NISCC.
Vulnerable: IETF RFC 2406: IPSEC
HP Tru64 5.1 B-3
HP Tru64 5.1 B-2 PK4
HP HP-UX B.11.23
HP HP-UX B.11.11
HP HP-UX B.11.00
Hitachi GR2000-BH
Hitachi GR2000-2B+
Hitachi GR2000-2B
Hitachi GR2000-1B
Not Vulnerable:

Discussion

IETF IPSEC Protocol Encapsulating Security Payload Vulnerability

A vulnerability affects certain configurations of IPSec.

When IPSec is configured to employ Encapsulating Security Payload (ESP) in tunnel mode with confidentiality only, where Authentication Header (AH) is not being used to provide packet integrity protection, certain attacks against the IPSec protocol are possible.

Reports indicate that these attacks may also potentially be possible against IPSec when AH is in use, but only under certain unspecified configurations.

The reported attacks take advantage of the fact that no ESP packet payload integrity checks exist when ESP is configured in the vulnerable aforementioned manner.

This issue may be leveraged by an attacker to reveal plaintext IP datagrams and potentially sensitive information. Information harvested in this manner may be used to aid in further attacks.

This BID will be updated as further information is made available.

Exploit / POC

IETF IPSEC Protocol Encapsulating Security Payload Vulnerability

The discoverer of this issue reports that a reliable exploit was created to leverage this issue. This exploit is not believed to be public.

Solution / Fix

IETF IPSEC Protocol Encapsulating Security Payload Vulnerability

Solution:
Hitachi GR2000-B Series routers are affected by this vulnerability. Hitachi has advised affected users to use the AH protocol workaround to mitigate this issue.

HP has released advisory SSRT5957, along with fixes to address this issue. Please see the referenced advisory for further information.

HP has released advisory HPSBUX02079 and fixes to address this issue. Please see the referenced advisory for details.


HP Tru64 5.1 B-2 PK4

HP Tru64 5.1 B-3

References

© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report