CVE-2008-1198

The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:N/A:N

Exploitability : 8.6 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.ernw.de/download/pskattack.pdf	Exploit
https://bugzilla.redhat.com/show_bug.cgi?id=435274	Issue Tracking
http://www.securitytracker.com/id?1019563	Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/41053	VDB Entry
http://secunia.com/advisories/48045	Broken Link

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:redhat:enterprise_linux:4.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:3.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

Information

Published : 2008-03-06 13:44

Updated : 2022-02-03 11:56

NVD link : CVE-2008-1198

Mitre link : CVE-2008-1198

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

redhat

enterprise_linux

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.ernw.de/download/pskattack.pdf", "name": "http://www.ernw.de/download/pskattack.pdf", "tags": ["Exploit"], "refsource": "MISC"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=435274", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=435274", "tags": ["Issue Tracking"], "refsource": "CONFIRM"}, {"url": "http://www.securitytracker.com/id?1019563", "name": "1019563", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SECTRACK"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41053", "name": "ipsec-ifup-weak-security(41053)", "tags": ["VDB Entry"], "refsource": "XF"}, {"url": "http://secunia.com/advisories/48045", "name": "48045", "tags": ["Broken Link"], "refsource": "SECUNIA"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2008-1198", "ASSIGNER": "secalert@redhat.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2008-03-06T21:44Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-02-03T19:56Z"}