CVE-2005-3985
published 2005-12-04CVE-2005-3985: The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and…
PriorityP429high7.8CVSS 2.0
AVNACLAuNCNINAC
EPSS
4.25%
89.8th percentile
The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| astaro | security_linux | — | — |
| astaro | security_linux | — | — |
| astaro | security_linux | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-qx5v-53hw-g8w8: The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6
ghsa_unreviewed·2022-05-01·CVSS 10.0
CVE-2005-3985 [CRITICAL] GHSA-qx5v-53hw-g8w8: The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6
The Internet Key Exchange version 1 (IKEv1) implementation in Astaro Security Linux before 6.102 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.
Cisco
Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
vendor_cisco·2005-11-14
CVE-2005-3666 CWE-399 Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
Multiple Cisco products contain vulnerabilities in the processing of
IPSec IKE (Internet Key Exchange) messages. These vulnerabilities were
identified by the University of Oulu Secure Programming Group (OUSPG) "PROTOS"
Test Suite for IPSec and can be repeatedly exploited to produce a denial of
service.
Cisco has made free software available to address this vulnerability
for affected customers. Prior to deploying software, customers should consult
their maintenance provider or check the software for feature set compatibility
and known issues specific to their environment.
This advisory is posted at
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20051114-ipsec.
Cisco
Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
vendor_cisco
CVE-2005-3985 Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
CVE-2005-3985: Multiple Vulnerabilities Found by PROTOS IPSec Test Suite
Multiple Cisco products contain vulnerabilities in the processing of IPSec IKE (Internet Key Exchange) messages. These vulnerabilities were identified by the University of Oulu Secure Programming Group (OUSPG) "PROTOS" Test Suite for IPSec and can be repeatedly exploited to produce a denial of service. Cisco has made free software available to address this vulnerability for affected customers. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20051114-ipsec .
CWE: CWE-399, CWE-
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/17838http://www.astaro.org/showflat.php?Cat=&Number=63958&page=0&view=collapsed&sb=5&o=&fpart=1#63958http://www.securityfocus.com/bid/15666http://www.vupen.com/english/advisories/2005/2678http://secunia.com/advisories/17838http://www.astaro.org/showflat.php?Cat=&Number=63958&page=0&view=collapsed&sb=5&o=&fpart=1#63958http://www.securityfocus.com/bid/15666http://www.vupen.com/english/advisories/2005/2678
2005-12-04
Published