PT-2005-4423 · Cisco · Cisco IOS and 3 other products
Published: 2005-11-14 · Updated: 2008-09-05 · CVE-2005-3666
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Cisco IOS (affected versions not specified)
Multiple Cisco products (affected versions not specified)
Description
The issue concerns unspecified format string vulnerabilities in implementations of Internet Key Exchange version 1 (IKEv1) and vulnerabilities in the processing of IPSec IKE messages in Cisco products. These vulnerabilities can be exploited to cause a denial of service. They were identified with the University of Oulu Secure Programming Group (OUSPG) "PROTOS" Test Suite for IPSec and IKEv1.
Recommendations
For Cisco IOS, update to a version that includes the fix for this issue, after consulting the maintenance provider or checking the software for feature set compatibility and known issues specific to the environment.
For multiple Cisco products, apply the free software made available by Cisco to address this vulnerability, after consulting the maintenance provider or checking the software for feature set compatibility and known issues specific to the environment.
As a temporary workaround, consider restricting the processing of IPSec IKE messages to minimize the risk of exploitation.
Affected Products
Cisco ASA
Cisco IOS
Cisco Wls
IPSec