CVE-2005-2640
published 2005-08-23CVE-2005-2640: Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows…
medium5CVSS 3.1
AVNACLAuNCPINAN
EXPLOIT
Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid.
Affected
130 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | netscreen-5gt | — | — |
| juniper | netscreen-idp | — | — |
| juniper | netscreen-idp | — | — |
| juniper | netscreen-idp | — | — |
| juniper | netscreen-idp_10 | — | — |
| juniper | netscreen-idp_100 | — | — |
| juniper | netscreen-idp_1000 | — | — |
| juniper | netscreen-idp_500 | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |
| juniper | netscreen_screenos | — | — |