MidnightBSD

Advisories for internet_key_exchange

CVE-2005-3666 HIGH

Multiple unspecified format string vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
internet_key_exchange internet_key_exchange 1
CVE-2005-3667 MEDIUM

Multiple unspecified vulnerabilities in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable. In addition, since "denial of service" is an impact and not a vulnerability, it is unknown which underlying vulnerabilities are actually covered by this particular candidate.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
internet_key_exchange internet_key_exchange 1
CVE-2005-3668 MEDIUM

Multiple buffer overflows in multiple unspecified implementations of Internet Key Exchange version 1 (IKEv1) have multiple unspecified attack vectors and impacts related to denial of service, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of information in the original sources, it is likely that this candidate will be REJECTed once it is known which implementations are actually vulnerable.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
internet_key_exchange internet_key_exchange 1
CVE-2006-1646 MEDIUM

The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in the Shoichi Sakane KAME Project racoon, as used by NetBSD 1.6, 2.x before 20060119, certain FreeBSD releases, and possibly other distributions of BSD or Linux operating systems, when running in aggressive mode, allows remote attackers to cause a denial of service (daemon crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
internet_key_exchange internet_key_exchange 1
CVE-2006-2298 MEDIUM

The Internet Key Exchange version 1 (IKEv1) implementation in the libike library in Solaris 9 and 10 allows remote attackers to cause a denial of service (in.iked daemon crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
internet_key_exchange internet_key_exchange 1