ID

VAR-200511-0015

CVE

CVE-2005-3669

TITLE

Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations

DESCRIPTION

Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the “Overview” for the impact of this vulnerability. Various Cisco IOS, PIX Firewall, Firewall Services Module (FWSM), VPN 3000 Series Concentrator, and MDS Series SanOS releases are prone to denial of service attacks. These issues are due to security flaws in Cisco's IPSec implementation. The vulnerabilities may be triggered by malformed IKE traffic. Successful attacks will cause most affected devices to restart. For Cisco MDS Series devices, this is limited to causing the IKE process to restart. IP Security or IPSec (full name Internet Protocol Security) is a set of IP security protocols established by the IPSec group of the Internet Engineering Task Force (IETF). Access control, data source address verification, data integrity check and prevention of replay attacks. Vulnerabilities exist in the handling of IPSec IKE messages in several Cisco products. IPSec's PROTOS test suite can test the design limitations of IPSec implementations by sending malformed IKE messages to target devices. TITLE: IPsec-Tools ISAKMP IKE Message Processing Denial of Service SECUNIA ADVISORY ID: SA17668 VERIFY ADVISORY: http://secunia.com/advisories/17668/ CRITICAL: Moderately critical IMPACT: DoS WHERE: >From remote SOFTWARE: IPsec-Tools 0.x http://secunia.com/product/3352/ DESCRIPTION: A vulnerability has been reported in IPsec-Tools, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereferencing error when processing certain ISAKMP packets in aggressive mode. The vulnerability is related to: SA17553 Successful exploitation requires a weak racoon configuration (e.g. no lifetime proposal or obey mode), and using 3DES/SHA1/DH2. SOLUTION: Update to version 0.6.3. http://sourceforge.net/project/showfiles.php?group_id=74601&package_id=74949&release_id=372605 PROVIDED AND/OR DISCOVERED BY: The vendor credits Adrian Portelli. ORIGINAL ADVISORY: http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000 http://sourceforge.net/project/shownotes.php?release_id=372605&group_id=74601 OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

other

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Cisco Security bulletin NISCC albatross@tim.it

SOURCES

LAST UPDATE DATE

2024-05-04T22:28:18.940000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE