PT-2005-5616 · Unknown+3 · Ipsec-Tools+5

Published

1970-01-01

Updated

2018-10-19

CVE-2005-3732

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions openswan versions prior to 2.4.4 ipsec-tools versions prior to 0.6.3

Description The issue concerns multiple vulnerabilities in the openswan and ipsec-tools packages, which can lead to a denial of service, resulting in the disruption of protected information availability. These vulnerabilities can be exploited remotely. The vulnerabilities were identified by the University of Oulu Secure Programming Group (OUSPG) "PROTOS" Test Suite for IPSec and can be repeatedly exploited to produce a denial of service.

Recommendations For openswan versions prior to 2.4.4, update to version 2.4.4 or later to address the vulnerabilities. For ipsec-tools versions prior to 0.6.3, update to version 0.6.3 or later to address the vulnerabilities. As a temporary workaround, consider restricting access to the isakmp agg.c implementation in racoon to minimize the risk of exploitation.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

BDU:2015-04788

BDU:2015-04812

BDU:2015-04813

BDU:2015-09489

CVE-2005-3732

DSA-965-1

RHSA-2006:0267

RHSA-2006_0267

Affected Products

Cisco Asa

Cisco Ios

Cisco Wls

Red Hat

Ipsec-Tools

Openswan

PT-2005-5616 · Unknown+3 · Ipsec-Tools+5

CVE-2005-3732

Weakness Enumeration

Related Identifiers

Affected Products

References · 36