PT-2008-2791 · Red Hat · Red Hat

Published

2008-03-06

Updated

2022-02-03

CVE-2008-1198

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions Red Hat Enterprise Linux versions 3 through 5

Description The default IPSec ifup script configures racoon to use aggressive IKE mode instead of main IKE mode. This makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash.

Recommendations For Red Hat Enterprise Linux versions 3 through 5, consider reconfiguring racoon to use main IKE mode instead of aggressive IKE mode to mitigate the risk of brute force attacks.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2008-1198

RHSA-2012:0312

RHSA-2012_0312

Affected Products

Red Hat

PT-2008-2791 · Red Hat · Red Hat

CVE-2008-1198

Related Identifiers

Affected Products

References · 8