CVE-2005-3671

{"id": "CVE-2005-3671", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-11-18T21:03:00.000", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0138.html", "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html", "source": "cve@mitre.org"}, {"url": "http://jvn.jp/niscc/NISCC-273756/index.html", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/17581", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/17680", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/17980", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/18115", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1015214", "source": "cve@mitre.org"}, {"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200512-04.xml", "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/226364", "tags": ["Third Party Advisory", "US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.novell.com/linux/security/advisories/2005_70_ipsec.html", "source": "cve@mitre.org"}, {"url": "http://www.openswan.org/niscc2/", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00057.html", "source": "cve@mitre.org"}, {"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00058.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/15416", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0138.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://jvn.jp/niscc/NISCC-273756/index.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/17581", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/17680", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/17980", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/18115", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1015214", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.gentoo.org/security/en/glsa/glsa-200512-04.xml", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/226364", "tags": ["Third Party Advisory", "US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.novell.com/linux/security/advisories/2005_70_ipsec.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.openswan.org/niscc2/", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00057.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00058.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/15416", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1."}], "lastModified": "2024-11-21T00:02:24.197", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:frees_wan:frees_wan:2.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "68C84C1F-2804-4E5F-B34E-D75530CD5A71"}, {"criteria": "cpe:2.3:a:openswan:openswan:2.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A9EABDE-514F-42BA-A335-135209605981"}, {"criteria": "cpe:2.3:a:openswan:openswan:2.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2425AF51-C42B-4EAA-A619-EE47EAFCBA83"}, {"criteria": "cpe:2.3:a:openswan:openswan:2.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "892D939B-4649-4B90-A2C0-6C2E4DDF7DFD"}, {"criteria": "cpe:2.3:a:openswan:openswan:2.1.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A321B57-5E08-48C8-9288-A92342770FD1"}, {"criteria": "cpe:2.3:a:openswan:openswan:2.1.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54780B50-9CFE-43B6-8BB9-C7246F817773"}, {"criteria": "cpe:2.3:a:openswan:openswan:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "001E2700-CE33-495A-8F8A-81E2E550CFF2"}, {"criteria": "cpe:2.3:a:openswan:openswan:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A628FE6-A042-4DF9-A141-8BE65FD236C5"}, {"criteria": "cpe:2.3:a:xelerance:openswan:2.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7841F42-1226-43C4-A007-88847925D872"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}