Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-2640

5 documents, 5 sources

Severity: 5.0 MEDIUM
EPSS: 5.9% (top 9.42%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Aug 23, latest update May 1

Description

Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid.

CVSS vector

AV:N/AC:L/C:P/I:N/A:N
Exploitability: 10.0 | Impact: 2.9

Affected Packages (14 packages)

NVD: juniper/netscreen_screenos (108 versions, +107)
NVD: juniper/netscreen-idp (3.0, 3.0r1, 3.0r2, +2)

🔴 Vulnerability Details (2)

GHSA (2022-05-01): GHSA-8h6v-vg4c-567j: Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5
CVEList (2005-08-20): CVE-2005-2640: Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5

💥 Exploits & PoCs (1)

Exploit-DB (2005-08-18): Juniper NetScreen 5.0 - VPN 'Username' Enumeration

📋 Vendor Advisories (1)

Juniper (2005-08-23): CVE-2005-2640: Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication