CVE-2005-4566

Name of the Vulnerable Software and Affected Versions ADTRAN NetVanta versions prior to 10.03.03.E Multiple Cisco products (affected versions not specified)

Description The issue is related to a buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation, which might allow remote attackers to have an unknown impact via crafted IKE packets. This was demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. The vulnerability in the processing of IPSec IKE messages can be repeatedly exploited to produce a denial of service.

Recommendations For ADTRAN NetVanta versions prior to 10.03.03.E, update to version 10.03.03.E or later. For Multiple Cisco products, Cisco has made free software available to address this vulnerability; customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment before deploying the software. As a temporary workaround, consider disabling the IKEv1 implementation until a patch is available. Restrict access to IPSec IKE messages to minimize the risk of exploitation.