CVE-2005-3671 — Openswan vulnerability

CWE-3995 documents4 sources

Severity

7.8HIGHNVD

EPSS

6.7%

top 8.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Frees WAN Openswan Xelerance Openswan

Timeline

PublishedNov 18

Latest updateMay 1

Description

The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages3 packages

▶NVDopenswan/openswan7 versions+6

▶NVDxelerance/openswan2.4.0

▶NVDfrees_wan/frees_wan2.04

Patches

Patch: www.openswan.org ↗Patch: www.securityfocus.com ↗Patch: www.openswan.org ↗

🔴Vulnerability Details

GHSA

GHSA-rv79-rv3w-mqqc: The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2↗2022-05-01

▶

📋Vendor Advisories

Cisco

Multiple Vulnerabilities Found by PROTOS IPSec Test Suite↗2005-11-14

▶

Cisco

Multiple Vulnerabilities Found by PROTOS IPSec Test Suite↗

▶

💬Community

Bugzilla

CVE-2005-3671 Openswan Denial of Service↗2005-11-25

▶