// For flags

CVE-2005-3732

Ubuntu Security Notice 221-1

Severity Score

7.5
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

The Oulu University Secure Programming Group discovered a remote Denial of Service vulnerability in the racoon daemon. When the daemon is configured to use aggressive mode, then it did not check whether the peer sent all required payloads during the IKE negotiation phase. A malicious IPsec peer could exploit this to crash the racoon daemon.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2005-11-21 CVE Reserved
  • 2005-11-21 CVE Published
  • 2024-08-07 CVE Updated
  • 2026-03-02 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-399: Resource Management Errors
CAPEC
References (27)
URL Tag Source
http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html Mailing List
http://secunia.com/advisories/18616 Third Party Advisory
http://securitytracker.com/id?1015254 Vdb Entry
http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000 Mailing List
http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp X_refsource_misc
http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en X_refsource_misc
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9857 Signature
URL Date SRC
URL Date SRC
http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3&r2=1.20.2.4&diff_format=u 2018-10-19
http://secunia.com/advisories/17668 2018-10-19
http://www.securityfocus.com/bid/15523 2018-10-19
URL Date SRC
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc 2018-10-19
http://rhn.redhat.com/errata/RHSA-2006-0267.html 2018-10-19
http://secunia.com/advisories/17822 2018-10-19
http://secunia.com/advisories/17980 2018-10-19
http://secunia.com/advisories/18115 2018-10-19
http://secunia.com/advisories/18742 2018-10-19
http://secunia.com/advisories/19833 2018-10-19
http://secunia.com/advisories/20210 2018-10-19
http://www.debian.org/security/2006/dsa-965 2018-10-19
http://www.gentoo.org/security/en/glsa/glsa-200512-04.xml 2018-10-19
http://www.mandriva.com/security/advisories?name=MDKSA-2006:020 2018-10-19
http://www.novell.com/linux/security/advisories/2005_70_ipsec.html 2018-10-19
http://www.securityfocus.com/archive/1/436343/100/0/threaded 2018-10-19
http://www.vupen.com/english/advisories/2005/2521 2018-10-19
https://usn.ubuntu.com/221-1 2018-10-19
https://access.redhat.com/security/cve/CVE-2005-3732 2006-04-25
https://bugzilla.redhat.com/show_bug.cgi?id=1617837 2006-04-25
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ipsec-tools
Search vendor "Ipsec-tools"
 Ipsec-tools
Search vendor "Ipsec-tools" for product "Ipsec-tools"
 0.5
Search vendor "Ipsec-tools" for product "Ipsec-tools" and version "0.5"
-
Affected
Ipsec-tools
Search vendor "Ipsec-tools"
 Ipsec-tools
Search vendor "Ipsec-tools" for product "Ipsec-tools"
 0.5.1
Search vendor "Ipsec-tools" for product "Ipsec-tools" and version "0.5.1"
-
Affected
Ipsec-tools
Search vendor "Ipsec-tools"
 Ipsec-tools
Search vendor "Ipsec-tools" for product "Ipsec-tools"
 0.5.2
Search vendor "Ipsec-tools" for product "Ipsec-tools" and version "0.5.2"
-
Affected
Ipsec-tools
Search vendor "Ipsec-tools"
 Ipsec-tools
Search vendor "Ipsec-tools" for product "Ipsec-tools"
 0.6
Search vendor "Ipsec-tools" for product "Ipsec-tools" and version "0.6"
-
Affected
Ipsec-tools
Search vendor "Ipsec-tools"
 Ipsec-tools
Search vendor "Ipsec-tools" for product "Ipsec-tools"
 0.6.1
Search vendor "Ipsec-tools" for product "Ipsec-tools" and version "0.6.1"
-
Affected
Ipsec-tools
Search vendor "Ipsec-tools"
 Ipsec-tools
Search vendor "Ipsec-tools" for product "Ipsec-tools"
 0.6.2
Search vendor "Ipsec-tools" for product "Ipsec-tools" and version "0.6.2"
-
Affected