PT-2005-2078 · Cisco · Cisco IOS

Published: 2005-04-12 · Updated: 2017-10-11 · CVE-2005-1058

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Cisco IOS versions 12.2T, 12.3 and 12.3T

Description

The issue allows remote attackers to bypass XAUTH authentication after Phase 1 negotiation when processing an ISAKMP profile. This occurs because certain attributes in the ISAKMP profile are not properly processed, enabling attackers to move to Phase 2 negotiations.

Recommendations

For Cisco IOS versions 12.2T, 12.3 and 12.3T, consider disabling XAUTH authentication as a temporary workaround until a patch is available. Restrict access to ISAKMP profiles to minimize the risk of exploitation. Avoid using ISAKMP profiles that specify XAUTH authentication until the issue is resolved.

Fix


Related Identifiers

CVE-2005-1058

Affected Products

Cisco IOS