CVE-2005-3671

The Internet Key Exchange version 1 (IKEv1) implementation in Openswan 2 (openswan-2) before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.04_1.5.4-1.23, allow remote attackers to cause a denial of service via (1) a crafted packet using 3DES with an invalid key length, or (2) unspecified inputs when Aggressive Mode is enabled and the PSK is known, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

Published: Nov 18, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-3671
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.8
AV:N/AC:L/Au:N/C:N/I:N/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
openswan / openswan	2.1.6	2.1.6.x
openswan / openswan	2.1.4	2.1.4.x
openswan / openswan	2.3	2.3.x
openswan / openswan	2.2	2.2.x
openswan / openswan	2.1.1	2.1.1.x
frees_wan / frees_wan	2.04	2.04.x
openswan / openswan	2.1.5	2.1.5.x
openswan / openswan	2.1.2	2.1.2.x
xelerance / openswan	2.4.0	2.4.0.x

http://archives.neohapsis.com/archives/bugtraq/2005-12/0138.html
http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html
http://jvn.jp/niscc/NISCC-273756/index.html
http://secunia.com/advisories/17581
http://secunia.com/advisories/17680
http://secunia.com/advisories/17980
http://secunia.com/advisories/18115
http://securitytracker.com/id?1015214
http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
http://www.gentoo.org/security/en/glsa/glsa-200512-04.xml
http://www.kb.cert.org/vuls/id/226364
http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en
http://www.novell.com/linux/security/advisories/2005_70_ipsec.html
http://www.openswan.org/niscc2/
http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00057.html
http://www.redhat.com/archives/fedora-announce-list/2005-November/msg00058.html
http://www.securityfocus.com/bid/15416

Vulnerability Database

289,697

CVE-2005-3671