CVE-2005-3667

Multiple unspecified vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable. In addition, since "denial of service" is an impact and not a vulnerability, it is unknown which underlying vulnerabilities are actually covered by this particular candidate.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en	Vendor Advisory
http://jvn.jp/niscc/NISCC-273756/index.html
http://www.kb.cert.org/vuls/id/226364	Third Party Advisory US Government Resource

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:internet_key_exchange:internet_key_exchange:1:*:*:*:*:*:*:*

Information

Published : 2005-11-18 13:03

Updated : 2008-09-05 13:54

NVD link : CVE-2005-3667

Mitre link : CVE-2005-3667

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

internet_key_exchange

internet_key_exchange

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/", "name": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/", "tags": [], "refsource": "MISC"}, {"url": "http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en", "name": "http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "http://jvn.jp/niscc/NISCC-273756/index.html", "name": "http://jvn.jp/niscc/NISCC-273756/index.html", "tags": [], "refsource": "MISC"}, {"url": "http://www.kb.cert.org/vuls/id/226364", "name": "VU#226364", "tags": ["Third Party Advisory", "US Government Resource"], "refsource": "CERT-VN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple unspecified vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable. In addition, since \"denial of service\" is an impact and not a vulnerability, it is unknown which underlying vulnerabilities are actually covered by this particular candidate."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-3667", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-11-18T21:03Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:internet_key_exchange:internet_key_exchange:1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2008-09-05T20:54Z"}