CVE-2005-3671
 
Severity Score
7.8
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2005-11-18 CVE Reserved
- 2005-11-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (17)
URL | Tag | Source |
---|---|---|
http://archives.neohapsis.com/archives/bugtraq/2005-12/0138.html | Mailing List | |
http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html | Mailing List | |
http://jvn.jp/niscc/NISCC-273756/index.html | X_refsource_misc | |
http://secunia.com/advisories/17581 | Third Party Advisory | |
http://secunia.com/advisories/17680 | Third Party Advisory | |
http://secunia.com/advisories/17980 | Third Party Advisory | |
http://secunia.com/advisories/18115 | Third Party Advisory | |
http://securitytracker.com/id?1015214 | Vdb Entry | |
http://www.kb.cert.org/vuls/id/226364 | Third Party Advisory |
URL | Date | SRC |
---|---|---|
http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp | 2024-08-07 |
URL | Date | SRC |
---|---|---|
http://www.openswan.org/niscc2 | 2019-07-29 | |
http://www.securityfocus.com/bid/15416 | 2019-07-29 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Frees Wan Search vendor "Frees Wan" | Frees Wan Search vendor "Frees Wan" for product "Frees Wan" | 2.04 Search vendor "Frees Wan" for product "Frees Wan" and version "2.04" | - |
Affected
| ||||||
Openswan Search vendor "Openswan" | Openswan Search vendor "Openswan" for product "Openswan" | 2.1.1 Search vendor "Openswan" for product "Openswan" and version "2.1.1" | - |
Affected
| ||||||
Openswan Search vendor "Openswan" | Openswan Search vendor "Openswan" for product "Openswan" | 2.1.2 Search vendor "Openswan" for product "Openswan" and version "2.1.2" | - |
Affected
| ||||||
Openswan Search vendor "Openswan" | Openswan Search vendor "Openswan" for product "Openswan" | 2.1.4 Search vendor "Openswan" for product "Openswan" and version "2.1.4" | - |
Affected
| ||||||
Openswan Search vendor "Openswan" | Openswan Search vendor "Openswan" for product "Openswan" | 2.1.5 Search vendor "Openswan" for product "Openswan" and version "2.1.5" | - |
Affected
| ||||||
Openswan Search vendor "Openswan" | Openswan Search vendor "Openswan" for product "Openswan" | 2.1.6 Search vendor "Openswan" for product "Openswan" and version "2.1.6" | - |
Affected
| ||||||
Openswan Search vendor "Openswan" | Openswan Search vendor "Openswan" for product "Openswan" | 2.2 Search vendor "Openswan" for product "Openswan" and version "2.2" | - |
Affected
| ||||||
Openswan Search vendor "Openswan" | Openswan Search vendor "Openswan" for product "Openswan" | 2.3 Search vendor "Openswan" for product "Openswan" and version "2.3" | - |
Affected
| ||||||
Xelerance Search vendor "Xelerance" | Openswan Search vendor "Xelerance" for product "Openswan" | 2.4.0 Search vendor "Xelerance" for product "Openswan" and version "2.4.0" | - |
Affected
|