CVE-2005-1802

Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://securitytracker.com/id?1014068
http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/
http://www.securityfocus.com/archive/1/399423
http://www.securityfocus.com/bid/13792	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:nortel:contivity:1000_vpn_switch:::::::*
	cpe:2.3:h:nortel:contivity:1500_vpn_switch:::::::*
	cpe:2.3:h:nortel:contivity:1600_secure_ip_services_gateway:::::::*
	cpe:2.3:h:nortel:contivity:2000_vpn_switch:::::::*
	cpe:2.3:h:nortel:contivity:2500_vpn_switch:::::::*
	cpe:2.3:h:nortel:contivity:2600_secure_ip_services_gateway:::::::*
	cpe:2.3:h:nortel:contivity:4000_vpn_switch:::::::*
	cpe:2.3:h:nortel:contivity:4500_secure_ip_services_gateway:::::::*
	cpe:2.3:h:nortel:contivity:4600_secure_ip_services_gateway:::::::*
	cpe:2.3:h:nortel:vpn_router_1010::::::::
	cpe:2.3:h:nortel:vpn_router_1050::::::::
	cpe:2.3:h:nortel:vpn_router_1100::::::::
	cpe:2.3:h:nortel:vpn_router_1700::::::::
	cpe:2.3:h:nortel:vpn_router_1740::::::::
	cpe:2.3:h:nortel:vpn_router_2700::::::::
	cpe:2.3:h:nortel:vpn_router_5000::::::::
	cpe:2.3:h:nortel:vpn_router_600::::::::

History

No history.

Information

Published : 2005-05-27 04:00

Updated : 2024-02-28 10:42

NVD link : CVE-2005-1802

Mitre link : CVE-2005-1802

CVE.ORG link : CVE-2005-1802

JSON object : View

Products Affected

nortel

vpn_router_1740
vpn_router_1700
vpn_router_1100
vpn_router_600
vpn_router_2700
vpn_router_1010
vpn_router_1050
contivity
vpn_router_5000

CWE

NVD-CWE-Other

{"id": "CVE-2005-1802", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-05-27T04:00:00.000", "references": [{"url": "http://securitytracker.com/id?1014068", "source": "cve@mitre.org"}, {"url": "http://www.nta-monitor.com/news/vpn-flaws/nortel/vpn-router-dos/", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/399423", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/13792", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header."}], "lastModified": "2008-09-05T20:50:08.417", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:nortel:contivity:1000_vpn_switch:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4342FEF4-588B-459B-9490-3FD89B229E64"}, {"criteria": "cpe:2.3:h:nortel:contivity:1500_vpn_switch:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D842866D-3609-4E56-9A49-4DEA16E5642F"}, {"criteria": "cpe:2.3:h:nortel:contivity:1600_secure_ip_services_gateway:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9231EA1-BA0F-4A4D-955A-651447AFC91B"}, {"criteria": "cpe:2.3:h:nortel:contivity:2000_vpn_switch:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F31FDFE3-82C9-47CA-A5FF-E5A2491794FE"}, {"criteria": "cpe:2.3:h:nortel:contivity:2500_vpn_switch:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5ED1556-CDAE-4149-B2AF-2B252D94E65A"}, {"criteria": "cpe:2.3:h:nortel:contivity:2600_secure_ip_services_gateway:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06A34A14-A349-43C4-A03C-8320E56AC2A6"}, {"criteria": "cpe:2.3:h:nortel:contivity:4000_vpn_switch:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BDC7887D-9D8C-46D8-9065-23D41CF07E88"}, {"criteria": "cpe:2.3:h:nortel:contivity:4500_secure_ip_services_gateway:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C76FDA60-BACA-4A2E-8112-F00DC9B89694"}, {"criteria": "cpe:2.3:h:nortel:contivity:4600_secure_ip_services_gateway:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B860310F-F1F1-45A5-A324-AAA9735C92F5"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_1010:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "370BE654-2A89-4FA9-BE88-3E4CA19441FC"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_1050:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD74483C-842C-4E01-A786-C34866B548FA"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_1100:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DC585A5-DBBE-4236-801A-F52523A5C5DF"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_1700:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B922ADAB-F42F-4113-8222-0493FE74CF6F"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_1740:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF2FF1CE-97F7-4951-8FD7-59657670BF05"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_2700:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23377D6E-6C2C-425B-A6DC-E5319B327DC3"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_5000:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9050DFE2-99C6-41F0-AD1D-5EDFB9B15D8C"}, {"criteria": "cpe:2.3:h:nortel:vpn_router_600:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CC34C85-99E9-4DAB-B19E-9179813C0398"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}