CVE-2005-3732
published 2005-11-21CVE-2005-3732: The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote…
PriorityP426high7.8CVSS 2.0
AVNACLAuNCNINAC
EPSS
4.57%
90.4th percentile
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ipsec-tools | ipsec-tools | — | — |
| ipsec-tools | ipsec-tools | — | — |
| ipsec-tools | ipsec-tools | — | — |
| ipsec-tools | ipsec-tools | — | — |
| ipsec-tools | ipsec-tools | — | — |
| ipsec-tools | ipsec-tools | — | — |
CVSS provenance
nvdv2.07.8HIGHAV:N/AC:L/Au:N/C:N/I:N/A:C
vendor_redhat7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-wr7q-9p2g-rv39: The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg
ghsa_unreviewed·2022-05-03
CVE-2005-3732 [HIGH] GHSA-wr7q-9p2g-rv39: The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
Ubuntu
racoon vulnerability
vendor_ubuntu·2005-12-01
CVE-2005-3732 racoon vulnerability
Title: racoon vulnerability
Summary: racoon vulnerability
The Oulu University Secure Programming Group discovered a remote
Denial of Service vulnerability in the racoon daemon. When the daemon
is configured to use aggressive mode, then it did not check whether
the peer sent all required payloads during the IKE negotiation phase.
A malicious IPsec peer could exploit this to crash the racoon daemon.
Please be aware that racoon is not officially supported by Ubuntu, the
package is in the 'universe' component of the archive.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2005-11-20·CVSS 7.8
CVE-2005-3732 [HIGH] security flaw
security flaw
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
Cisco
Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
vendor_cisco·2005-11-14
CVE-2005-3666 CWE-399 Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
Multiple Cisco products contain vulnerabilities in the processing of
IPSec IKE (Internet Key Exchange) messages. These vulnerabilities were
identified by the University of Oulu Secure Programming Group (OUSPG) "PROTOS"
Test Suite for IPSec and can be repeatedly exploited to produce a denial of
service.
Cisco has made free software available to address this vulnerability
for affected customers. Prior to deploying software, customers should consult
their maintenance provider or check the software for feature set compatibility
and known issues specific to their environment.
This advisory is posted at
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20051114-ipsec.
Cisco
Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
vendor_cisco
CVE-2005-3732 Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
CVE-2005-3732: Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
Multiple Cisco products contain vulnerabilities in the processing of IPSec IKE (Internet Key Exchange) messages. These vulnerabilities were identified by the University of Oulu Secure Programming Group (OUSPG) "PROTOS" Test Suite for IPSec and can be repeatedly exploited to produce a denial of service. Cisco has made free software available to address this vulnerability for affected customers. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20051114-ipsec .
CWE: CWE-399, CWE-
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-3732 security flaw
bugzilla·2018-08-16·CVSS 7.8
CVE-2005-3732 [HIGH] CVE-2005-3732 security flaw
CVE-2005-3732 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
Bugzilla
CVE-2005-3732 ipsec-tools IKE DoS
bugzilla·2006-02-15·CVSS 7.8
CVE-2005-3732 [HIGH] CVE-2005-3732 ipsec-tools IKE DoS
CVE-2005-3732 ipsec-tools IKE DoS
Clone of bug #173841
ipsec-tools IKE DoS
There is a denial of service bug in racoon which can only be triggered
by having a very weak configuration.
More information is in the message posted to the ipsec-tools mailing
list:
http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000
The patch is here:
http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3&r2=1.20.2.4&diff_format=u
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the so
Bugzilla
CVE-2005-3732 ipsec-tools IKE DoS
bugzilla·2005-11-25·CVSS 7.8
CVE-2005-3732 [HIGH] CVE-2005-3732 ipsec-tools IKE DoS
CVE-2005-3732 ipsec-tools IKE DoS
Tracking for FC5test1
+++ This bug was initially created as a clone of Bug #173842 +++
ipsec-tools IKE DoS
There is a denial of service bug in racoon which can only be triggered
by having a very weak configuration.
More information is in the message posted to the ipsec-tools mailing
list:
http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000
The patch is here:
http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3&r2=1.20.2.4&diff_format=u
This issue also affects FC3
Discussion:
These bugs are being closed since a large number of updates have been released
after the FC5 test1 and test2 releases. Kindly update your system by running yum
update as root user or try out the third and
Bugzilla
CVE-2005-3732 ipsec-tools IKE DoS
bugzilla·2005-11-21·CVSS 7.8
CVE-2005-3732 [HIGH] CVE-2005-3732 ipsec-tools IKE DoS
CVE-2005-3732 ipsec-tools IKE DoS
ipsec-tools IKE DoS
There is a denial of service bug in racoon which can only be triggered
by having a very weak configuration.
More information is in the message posted to the ipsec-tools mailing
list:
http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000
The patch is here:
http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3&r2=1.20.2.4&diff_format=u
This issue also affects FC3
Discussion:
This report targets the FC3 or FC4 products, which have now been EOL'd.
Could you please check that it still applies to a current Fedora release, and
either update the target product or close it ?
Thanks.
---
change the owner of ipsec-tools
---
These products are no longer in support, pl
Bugzilla
CVE-2005-3732 ipsec-tools IKE DoS
bugzilla·2005-11-21·CVSS 7.8
CVE-2005-3732 [HIGH] CVE-2005-3732 ipsec-tools IKE DoS
CVE-2005-3732 ipsec-tools IKE DoS
ipsec-tools IKE DoS
There is a denial of service bug in racoon which can only be triggered
by having a very weak configuration.
More information is in the message posted to the ipsec-tools mailing
list:
http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000
The patch is here:
http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3&r2=1.20.2.4&diff_format=u
This issue also affects RHEL3
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.aschttp://archives.neohapsis.com/archives/bugtraq/2005-12/0161.htmlhttp://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3&r2=1.20.2.4&diff_format=uhttp://rhn.redhat.com/errata/RHSA-2006-0267.htmlhttp://secunia.com/advisories/17668http://secunia.com/advisories/17822http://secunia.com/advisories/17980http://secunia.com/advisories/18115http://secunia.com/advisories/18616http://secunia.com/advisories/18742http://secunia.com/advisories/19833http://secunia.com/advisories/20210http://securitytracker.com/id?1015254http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000http://www.debian.org/security/2006/dsa-965http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/http://www.gentoo.org/security/en/glsa/glsa-200512-04.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:020http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=enhttp://www.novell.com/linux/security/advisories/2005_70_ipsec.htmlhttp://www.securityfocus.com/archive/1/436343/100/0/threadedhttp://www.securityfocus.com/bid/15523http://www.vupen.com/english/advisories/2005/2521https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9857https://usn.ubuntu.com/221-1/ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.aschttp://archives.neohapsis.com/archives/bugtraq/2005-12/0161.htmlhttp://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3&r2=1.20.2.4&diff_format=uhttp://rhn.redhat.com/errata/RHSA-2006-0267.htmlhttp://secunia.com/advisories/17668http://secunia.com/advisories/17822http://secunia.com/advisories/17980http://secunia.com/advisories/18115http://secunia.com/advisories/18616http://secunia.com/advisories/18742http://secunia.com/advisories/19833http://secunia.com/advisories/20210http://securitytracker.com/id?1015254http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000http://www.debian.org/security/2006/dsa-965http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/http://www.gentoo.org/security/en/glsa/glsa-200512-04.xmlhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:020http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=enhttp://www.novell.com/linux/security/advisories/2005_70_ipsec.htmlhttp://www.securityfocus.com/archive/1/436343/100/0/threadedhttp://www.securityfocus.com/bid/15523http://www.vupen.com/english/advisories/2005/2521https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9857https://usn.ubuntu.com/221-1/
2005-11-21
Published