var-200511-0061
Vulnerability from variot
The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the “Overview” for the impact of this vulnerability. IPsec-Tools is prone to a denial-of-service vulnerability. This issue is due to a failure in the application to handle exceptional conditions when in 'AGGRESSIVE' mode. An attacker can exploit this issue to crash the application, thus denying service to legitimate users. These vulnerabilities were discovered by, and may be reproduced by, the University of Oulu Secure Programming Group PROTOS IPSec Test Suite. --------------------------------------------------------------------- Fedora Legacy Update Advisory
Synopsis: Updated ipsec-tools package fixes security issue Advisory ID: FLSA:190941 Issue date: 2006-06-06 Product: Fedora Core Keywords: Bugfix CVE Names: CVE-2005-3732
- Topic:
An updated ipsec-tools package that fixes a bug in racoon is now available.
The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel and includes racoon, an IKEv1 keying daemon.
- Relevant releases/architectures:
Fedora Core 2 - i386 Fedora Core 3 - i386, x86_64
- Problem description:
A denial of service flaw was found in the ipsec-tools racoon daemon. If a victim's machine has racoon configured in a non-recommended insecure manner, it is possible for a remote attacker to crash the racoon daemon. (CVE-2005-3732)
Users of ipsec-tools should upgrade to this updated package, which contains backported patches, and is not vulnerable to this issue.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (.rpm) if your current directory only* contains the desired RPMs.
Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue:
yum update
or to use apt:
apt-get update; apt-get upgrade
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit http://www.fedoralegacy.org/docs for directions on how to configure yum and apt-get.
- Bug IDs fixed:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190941
- RPMs required:
Fedora Core 2:
SRPM: http://download.fedoralegacy.org/fedora/2/updates/SRPMS/ipsec-tools-0.5-2.fc2.1.legacy.src.rpm
i386: http://download.fedoralegacy.org/fedora/2/updates/i386/ipsec-tools-0.5-2.fc2.1.legacy.i386.rpm
Fedora Core 3:
SRPM: http://download.fedoralegacy.org/fedora/3/updates/SRPMS/ipsec-tools-0.5-2.fc3.1.legacy.src.rpm
i386: http://download.fedoralegacy.org/fedora/3/updates/i386/ipsec-tools-0.5-2.fc3.1.legacy.i386.rpm
x86_64: http://download.fedoralegacy.org/fedora/3/updates/x86_64/ipsec-tools-0.5-2.fc3.1.legacy.x86_64.rpm
- Verification:
SHA1 sum Package Name
fc2: e8f91c085fb9533106c6ebc442572bd0b22f2470 fedora/2/updates/i386/ipsec-tools-0.5-2.fc2.1.legacy.i386.rpm 292a0a1426bc75abf0b34a3c91279a40ea78aac2 fedora/2/updates/SRPMS/ipsec-tools-0.5-2.fc2.1.legacy.src.rpm
fc3: e49b07bcc0e3dbe56401056b65b36133dabb4b6c fedora/3/updates/i386/ipsec-tools-0.5-2.fc3.1.legacy.i386.rpm 10eed18767204b88c2811115d889c0a372079ec2 fedora/3/updates/x86_64/ipsec-tools-0.5-2.fc3.1.legacy.x86_64.rpm 0832eb1da62b597bc32b26ce9e8429d7e67f43d2 fedora/3/updates/SRPMS/ipsec-tools-0.5-2.fc3.1.legacy.src.rpm
These packages are GPG signed by Fedora Legacy for security. Our key is available from http://www.fedoralegacy.org/about/security.php
You can verify each package with the following command:
rpm --checksig -v <filename>
If you only wish to verify that each package has not been corrupted or tampered with, examine only the sha1sum with the following command:
sha1sum <filename>
- References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3732
- Contact:
The Fedora Legacy security contact is secnotice@fedoralegacy.org. More project details at http://www.fedoralegacy.org
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200512-04
http://security.gentoo.org/
Severity: Normal Title: Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation Date: December 12, 2005 Bugs: #112568, #113201 ID: 200512-04
Synopsis
Openswan and IPsec-Tools suffer from an implementation flaw which may allow a Denial of Service attack.
Background
Openswan is an implementation of IPsec for Linux. IPsec is widely used to secure exchange of packets at the IP layer and mostly used to implement Virtual Private Networks (VPNs).
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 net-misc/openswan < 2.4.4 >= 2.4.4 2 net-firewall/ipsec-tools < 0.6.3 >= 0.6.3 >= 0.6.2-r1 >= 0.4-r2 ------------------------------------------------------------------- 2 affected packages on all of their supported architectures. -------------------------------------------------------------------
Description
The Oulu University Secure Programming Group (OUSPG) discovered that various ISAKMP implementations, including Openswan and racoon (included in the IPsec-Tools package), behave in an anomalous way when they receive and handle ISAKMP Phase 1 packets with invalid or abnormal contents.
Workaround
Avoid using "aggressive mode" in ISAKMP Phase 1, which exchanges information between the sides before there is a secure channel.
Resolution
All Openswan users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/openswan-2.4.4"
All IPsec-Tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose net-firewall/ipsec-tools
References
[ 1 ] CVE-2005-3671 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3671 [ 2 ] CVE-2005-3732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3732 [ 3 ] Original Advisory http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200512-04.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2005 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.0
.
TITLE: Nortel Switched Firewall ISAKMP IKE Message Processing Denial of Service
SECUNIA ADVISORY ID: SA17608
VERIFY ADVISORY: http://secunia.com/advisories/17608/
CRITICAL: Moderately critical
IMPACT: DoS
WHERE:
From remote
OPERATING SYSTEM: Nortel Switched Firewall 5000 Series http://secunia.com/product/6126/ Nortel Switched Firewall 5100 Series http://secunia.com/product/6125/ Nortel Switched Firewall 6000 Series http://secunia.com/product/6124/
DESCRIPTION: A vulnerability has been reported in Nortel Switched Firewall, which potentially can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to unspecified errors in the processing of IKEv1 Phase 1 protocol exchange messages. This may be exploited to cause a DoS via specially crafted IKE packets.
The vulnerability is related to: SA17553
SOLUTION: Refer to the original advisory from Nortel Networks for instructions how to apply fixes.
ORIGINAL ADVISORY: Nortel Networks: http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL&DocumentOID=367651&RenditionID=
NISCC: http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en
OTHER REFERENCES: SA17553: http://secunia.com/advisories/17553/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
.
The updated packages have been patched to correct this problem.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3732
Updated Packages:
Mandriva Linux 10.1: c1f74be6f3c46152881ded66022a3928 10.1/RPMS/ipsec-tools-0.2.5-2.2.101mdk.i586.rpm c8416853386be9e80b5f8ac6de16cf93 10.1/RPMS/libipsec-tools0-0.2.5-2.2.101mdk.i586.rpm 278751ee3fca05321059c67f39f1a0f0 10.1/SRPMS/ipsec-tools-0.2.5-2.2.101mdk.src.rpm
Mandriva Linux 10.1/X86_64: 5d3d19d02d0d5a8eb5fcc237768fb07f x86_64/10.1/RPMS/ipsec-tools-0.2.5-2.2.101mdk.x86_64.rpm 464dadc90a736f6312a6c143c12a4cce x86_64/10.1/RPMS/lib64ipsec-tools0-0.2.5-2.2.101mdk.x86_64.rpm 278751ee3fca05321059c67f39f1a0f0 x86_64/10.1/SRPMS/ipsec-tools-0.2.5-2.2.101mdk.src.rpm
Mandriva Linux 10.2: 75b061a206ba4a943904d384e489036c 10.2/RPMS/ipsec-tools-0.5-4.2.102mdk.i586.rpm 3c17715ce5bd1e63347e844bca518fa3 10.2/RPMS/libipsec0-0.5-4.2.102mdk.i586.rpm c221e9fbca14cc956df812605aa67b96 10.2/RPMS/libipsec0-devel-0.5-4.2.102mdk.i586.rpm 313ae7a9fd1eceb117515c61f19f0a2a 10.2/SRPMS/ipsec-tools-0.5-4.2.102mdk.src.rpm
Mandriva Linux 10.2/X86_64: 2de25a175eff7fbb77758993965110a5 x86_64/10.2/RPMS/ipsec-tools-0.5-4.2.102mdk.x86_64.rpm ff5095c574441578b6e6e1c9384bf05c x86_64/10.2/RPMS/lib64ipsec0-0.5-4.2.102mdk.x86_64.rpm db6e3f33dc2326528a4c22e199e2c0fa x86_64/10.2/RPMS/lib64ipsec0-devel-0.5-4.2.102mdk.x86_64.rpm 313ae7a9fd1eceb117515c61f19f0a2a x86_64/10.2/SRPMS/ipsec-tools-0.5-4.2.102mdk.src.rpm
Mandriva Linux 2006.0: a3881692a4ee81a3e4759500691ba86d 2006.0/RPMS/ipsec-tools-0.5.2-5.1.20060mdk.i586.rpm 4523963e017054a149cc9c6c46e6fa39 2006.0/RPMS/libipsec0-0.5.2-5.1.20060mdk.i586.rpm 9208a98bc79efce31e8bf08c5a409431 2006.0/RPMS/libipsec0-devel-0.5.2-5.1.20060mdk.i586.rpm 390a8547034610a0ebd6a30f8752c36d 2006.0/SRPMS/ipsec-tools-0.5.2-5.1.20060mdk.src.rpm
Mandriva Linux 2006.0/X86_64: 89c02c5eebb80544fb54cf8876183d92 x86_64/2006.0/RPMS/ipsec-tools-0.5.2-5.1.20060mdk.x86_64.rpm 833ab780f0ef3eb86da1c2aa82746c72 x86_64/2006.0/RPMS/lib64ipsec0-0.5.2-5.1.20060mdk.x86_64.rpm d875aeb7f90b36eba89ff2e2b901a3cc x86_64/2006.0/RPMS/lib64ipsec0-devel-0.5.2-5.1.20060mdk.x86_64.rpm 390a8547034610a0ebd6a30f8752c36d x86_64/2006.0/SRPMS/ipsec-tools-0.5.2-5.1.20060mdk.src.rpm
Multi Network Firewall 2.0: 3a441d674beb304f607975502cb2f302 mnf/2.0/RPMS/ipsec-tools-0.2.5-0.4.M20mdk.i586.rpm 109a0184382426bd065df6000f64189d mnf/2.0/RPMS/libipsec-tools0-0.2.5-0.4.M20mdk.i586.rpm 96dacbdb35121f2f876d1bb19cb00c24 mnf/2.0/SRPMS/ipsec-tools-0.2.5-0.4.M20mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFD19iemqjQ0CJFipgRAp9rAKC7w5Jflg/c/KBy6kdNDiGF8YbgWQCeIbM4 LUncx0ejSC2hQ5/zFlDZKjg= =qhPu -----END PGP SIGNATURE-----
. =========================================================== Ubuntu Security Notice USN-221-1 December 01, 2005 ipsec-tools vulnerability CVE-2005-3732 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 4.10 (Warty Warthog) Ubuntu 5.04 (Hoary Hedgehog) Ubuntu 5.10 (Breezy Badger)
The following packages are affected:
racoon
The problem can be corrected by upgrading the affected package to version 0.3.3-1ubuntu0.2 (for Ubuntu 4.10), 1:0.5-5ubuntu0.1 (for Ubuntu 5.04), or 1:0.6-1ubuntu1.1 (for Ubuntu 5.10). In general, a standard system upgrade is sufficient to effect the necessary changes. When the daemon is configured to use aggressive mode, then it did not check whether the peer sent all required payloads during the IKE negotiation phase. A malicious IPsec peer could exploit this to crash the racoon daemon.
Please be aware that racoon is not officially supported by Ubuntu, the package is in the 'universe' component of the archive.
Updated packages for Ubuntu 4.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2.diff.gz
Size/MD5: 191462 3f68d0eb625f920ef3ab5e4e1a2b942f
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2.dsc
Size/MD5: 705 8c92ea1c2b68e7e335892c10020bafc2
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3.orig.tar.gz
Size/MD5: 864122 b141da8ae299c8fdc53e536f6bbc3ad0
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2_amd64.deb
Size/MD5: 106260 491ea714d329c5b0d6b8283c7579140f
http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.2_amd64.deb
Size/MD5: 201510 7c3c1d31969a6924bfe0afbf6f56b468
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2_i386.deb
Size/MD5: 101224 5e35a5bfca069cf88d0d349ad86b3cf8
http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.2_i386.deb
Size/MD5: 186400 0627a043d0f0ad1e05830d57c35666f2
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2_powerpc.deb
Size/MD5: 108966 67f208c020df5f1194ab71a0569004f2
http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.2_powerpc.deb
Size/MD5: 196078 2acd7c40b8a56db688fc8ac8484272da
Updated packages for Ubuntu 5.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1.diff.gz
Size/MD5: 41200 47ee31ab5776589dd049a90f0437865b
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1.dsc
Size/MD5: 660 cad8e0faad2316aa0a65e28880548f58
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5.orig.tar.gz
Size/MD5: 883484 57de611b23eb141173698478e9b64474
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1_amd64.deb
Size/MD5: 80430 47b366f44e0c8fb49ea43500161a6419
http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.5-5ubuntu0.1_amd64.deb
Size/MD5: 301450 9fd3f818fc41641ed0e691f69b23c441
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1_i386.deb
Size/MD5: 75606 390fe7eb94e2e519bef1a0df6b6d46b5
http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.5-5ubuntu0.1_i386.deb
Size/MD5: 276974 baef582ea75ecaf240298d2917b79fac
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1_powerpc.deb
Size/MD5: 83030 7880cae89438386a5b9f676760eff1be
http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.5-5ubuntu0.1_powerpc.deb
Size/MD5: 296838 f417446dce53652608242e1798663622
Updated packages for Ubuntu 5.10:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1.diff.gz
Size/MD5: 49677 79084ce144e4b54267f69876d8104387
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1.dsc
Size/MD5: 685 c22deb12d9a0943e3a66aad1a83c3857
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.orig.tar.gz
Size/MD5: 905983 2cd85d36012b4d2c6947f7c17ad45b3e
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1_amd64.deb
Size/MD5: 85086 e894b1b0168138fdb46d0c55095252bf
http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.6-1ubuntu1.1_amd64.deb
Size/MD5: 326258 1e7da4aa300a082cdf8034639de4f0a0
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1_i386.deb
Size/MD5: 78912 b46dd5373458dd5500b2513edc6ceec8
http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.6-1ubuntu1.1_i386.deb
Size/MD5: 298016 5df2e64e0ac064876aa21d29c086f902
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1_powerpc.deb
Size/MD5: 86902 c7c905f335db1bae382af11fe659d335
http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.6-1ubuntu1.1_powerpc.deb
Size/MD5: 319518 1a7abc7fd9645d47d045f63d9f980528
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200511-0061",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.6.2"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.6.1"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.6"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.5.2"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.5.1"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.5"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "check point",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "fortinet",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "nortel",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openswan linux ipsec",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qnx",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "stonesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "4.0 (x86-64)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "10 (x86)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (sparc)"
},
{
"model": "solaris",
"scope": "eq",
"trust": 0.8,
"vendor": "sun microsystems",
"version": "9 (x86)"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.2"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.3"
},
{
"model": "ios",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "12.4"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.0"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.1"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.2"
},
{
"model": "pix firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "6.3"
},
{
"model": "pix/asa",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "enterprise firewall",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "8.0"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "5.0"
},
{
"model": "screenos",
"scope": "eq",
"trust": 0.8,
"vendor": "juniper",
"version": "5.2"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng with application intelligence (r54)"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng with application intelligence (r55)"
},
{
"model": "vpn-1/firewall-1",
"scope": "eq",
"trust": 0.8,
"vendor": "check point",
"version": "ng with application intelligence (r55w)"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.00"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.11"
},
{
"model": "hp-ux",
"scope": "eq",
"trust": 0.8,
"vendor": "hewlett packard",
"version": "11.23"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "3 (ws)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (as)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (es)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "4 (ws)"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "5.04"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "4.1"
},
{
"model": "linux ia64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "4.1"
},
{
"model": "linux ia32",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "4.1"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "propack sp6",
"scope": "eq",
"trust": 0.3,
"vendor": "sgi",
"version": "3.0"
},
{
"model": "linux professional oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux professional x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux professional",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux personal oss",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "10.0"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.3"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.2"
},
{
"model": "linux personal x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "linux personal",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "9.1"
},
{
"model": "fedora core3",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "fedora core2",
"scope": null,
"trust": 0.3,
"vendor": "redhat",
"version": null
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4.0"
},
{
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2006.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.2"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.2"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "10.1"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux ppc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "3.1"
},
{
"model": "ipsec-tools",
"scope": "ne",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.6.3"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#226364"
},
{
"db": "BID",
"id": "15523"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000685"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-313"
},
{
"db": "NVD",
"id": "CVE-2005-3732"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.5.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.5.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3732"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Discovery is credited to NISCC, CERT-FI, and the Oulu University Secure Programming Group.",
"sources": [
{
"db": "BID",
"id": "15523"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-313"
}
],
"trust": 0.9
},
"cve": "CVE-2005-3732",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/severity#"
},
"@id": "https://www.variotdbs.pl/ref/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2005-3732",
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.8,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2005-3732",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#226364",
"trust": 0.8,
"value": "16.54"
},
{
"author": "CNNVD",
"id": "CNNVD-200511-313",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#226364"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000685"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-313"
},
{
"db": "NVD",
"id": "CVE-2005-3732"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. Numerous vulnerabilities have been reported in various Internet Key Exchange version 1 (IKEv1) implementations. The impacts of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or cause an IKEv1 implementation to behave in an unstable/unpredictable manner. ------------ This vulnerability information is a summary of multiple vulnerabilities released at the same time. Please note that the contents of vulnerability information other than the title are included. ------------ I SAKMP (Internet Security Association and Key Management Protocol) Authentication, key management, and SA (security association) of 3 A collective term for multiple protocols. ISAKMP Derived from IKE Is IPSec Key exchange protocol for encrypted communication. In many environments IKEv1 Is used. IKE Communication by phase 1 And phase 2 Divided into phases 1 Then establish a secure communication path, ISAKMP SA Called IKE Exchange own messages. In multiple products ISAKMP/IKE Implementation is illegal ISAKMP Phase 1 There is a problem that causes abnormal behavior when receiving this packet because there is a flaw in the processing of the packet. IKE When a deliberately created packet is sent by a remote attacker with specific information for communication by ISAKMP Services or devices that implement the may be in a service outage.Please refer to the \u201cOverview\u201d for the impact of this vulnerability. IPsec-Tools is prone to a denial-of-service vulnerability. This issue is due to a failure in the application to handle exceptional conditions when in \u0027AGGRESSIVE\u0027 mode. \nAn attacker can exploit this issue to crash the application, thus denying service to legitimate users. \nThese vulnerabilities were discovered by, and may be reproduced by, the University of Oulu Secure Programming Group PROTOS IPSec Test Suite. ---------------------------------------------------------------------\n Fedora Legacy Update Advisory\n\nSynopsis: Updated ipsec-tools package fixes security issue\nAdvisory ID: FLSA:190941\nIssue date: 2006-06-06\nProduct: Fedora Core\nKeywords: Bugfix\nCVE Names: CVE-2005-3732\n---------------------------------------------------------------------\n\n\n---------------------------------------------------------------------\n1. Topic:\n\nAn updated ipsec-tools package that fixes a bug in racoon is now\navailable. \n\nThe ipsec-tools package is used in conjunction with the IPsec\nfunctionality in the linux kernel and includes racoon, an IKEv1 keying\ndaemon. \n\n2. Relevant releases/architectures:\n\nFedora Core 2 - i386\nFedora Core 3 - i386, x86_64\n\n3. Problem description:\n\nA denial of service flaw was found in the ipsec-tools racoon daemon. If\na victim\u0027s machine has racoon configured in a non-recommended insecure\nmanner, it is possible for a remote attacker to crash the racoon daemon. \n(CVE-2005-3732)\n\nUsers of ipsec-tools should upgrade to this updated package, which\ncontains backported patches, and is not vulnerable to this issue. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nTo update all RPMs for your particular architecture, run:\n\nrpm -Fvh [filenames]\n\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\nRPMs which are currently installed will be updated. Those RPMs which\nare not installed but included in the list will not be updated. Note\nthat you can also use wildcards (*.rpm) if your current directory *only*\ncontains the desired RPMs. \n\nPlease note that this update is also available via yum and apt. Many\npeople find this an easier way to apply updates. To use yum issue:\n\nyum update\n\nor to use apt:\n\napt-get update; apt-get upgrade\n\nThis will start an interactive process that will result in the\nappropriate RPMs being upgraded on your system. This assumes that you\nhave yum or apt-get configured for obtaining Fedora Legacy content. \nPlease visit http://www.fedoralegacy.org/docs for directions on how to\nconfigure yum and apt-get. \n\n5. Bug IDs fixed:\n\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190941\n\n6. RPMs required:\n\nFedora Core 2:\n\nSRPM:\nhttp://download.fedoralegacy.org/fedora/2/updates/SRPMS/ipsec-tools-0.5-2.fc2.1.legacy.src.rpm\n\ni386:\nhttp://download.fedoralegacy.org/fedora/2/updates/i386/ipsec-tools-0.5-2.fc2.1.legacy.i386.rpm\n\nFedora Core 3:\n\nSRPM:\nhttp://download.fedoralegacy.org/fedora/3/updates/SRPMS/ipsec-tools-0.5-2.fc3.1.legacy.src.rpm\n\ni386:\nhttp://download.fedoralegacy.org/fedora/3/updates/i386/ipsec-tools-0.5-2.fc3.1.legacy.i386.rpm\n\nx86_64:\nhttp://download.fedoralegacy.org/fedora/3/updates/x86_64/ipsec-tools-0.5-2.fc3.1.legacy.x86_64.rpm\n\n7. Verification:\n\nSHA1 sum Package Name\n---------------------------------------------------------------------\n\nfc2:\ne8f91c085fb9533106c6ebc442572bd0b22f2470\nfedora/2/updates/i386/ipsec-tools-0.5-2.fc2.1.legacy.i386.rpm\n292a0a1426bc75abf0b34a3c91279a40ea78aac2\nfedora/2/updates/SRPMS/ipsec-tools-0.5-2.fc2.1.legacy.src.rpm\n\nfc3:\ne49b07bcc0e3dbe56401056b65b36133dabb4b6c\nfedora/3/updates/i386/ipsec-tools-0.5-2.fc3.1.legacy.i386.rpm\n10eed18767204b88c2811115d889c0a372079ec2\nfedora/3/updates/x86_64/ipsec-tools-0.5-2.fc3.1.legacy.x86_64.rpm\n0832eb1da62b597bc32b26ce9e8429d7e67f43d2\nfedora/3/updates/SRPMS/ipsec-tools-0.5-2.fc3.1.legacy.src.rpm\n\n\nThese packages are GPG signed by Fedora Legacy for security. Our key is\navailable from http://www.fedoralegacy.org/about/security.php\n\nYou can verify each package with the following command:\n\n rpm --checksig -v \u003cfilename\u003e\n\nIf you only wish to verify that each package has not been corrupted or\ntampered with, examine only the sha1sum with the following command:\n\n sha1sum \u003cfilename\u003e\n\n8. References:\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3732\n\n9. Contact:\n\nThe Fedora Legacy security contact is \u003csecnotice@fedoralegacy.org\u003e. More\nproject details at http://www.fedoralegacy.org\n\n---------------------------------------------------------------------\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200512-04\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol\n implementation\n Date: December 12, 2005\n Bugs: #112568, #113201\n ID: 200512-04\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nOpenswan and IPsec-Tools suffer from an implementation flaw which may\nallow a Denial of Service attack. \n\nBackground\n==========\n\nOpenswan is an implementation of IPsec for Linux. IPsec is widely\nused to secure exchange of packets at the IP layer and mostly used to\nimplement Virtual Private Networks (VPNs). \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 net-misc/openswan \u003c 2.4.4 \u003e= 2.4.4\n 2 net-firewall/ipsec-tools \u003c 0.6.3 \u003e= 0.6.3\n *\u003e= 0.6.2-r1\n *\u003e= 0.4-r2\n -------------------------------------------------------------------\n 2 affected packages on all of their supported architectures. \n -------------------------------------------------------------------\n\nDescription\n===========\n\nThe Oulu University Secure Programming Group (OUSPG) discovered that\nvarious ISAKMP implementations, including Openswan and racoon (included\nin the IPsec-Tools package), behave in an anomalous way when they\nreceive and handle ISAKMP Phase 1 packets with invalid or abnormal\ncontents. \n\nWorkaround\n==========\n\nAvoid using \"aggressive mode\" in ISAKMP Phase 1, which exchanges\ninformation between the sides before there is a secure channel. \n\nResolution\n==========\n\nAll Openswan users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/openswan-2.4.4\"\n\nAll IPsec-Tools users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose net-firewall/ipsec-tools\n\nReferences\n==========\n\n [ 1 ] CVE-2005-3671\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3671\n [ 2 ] CVE-2005-3732\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3732\n [ 3 ] Original Advisory\n http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200512-04.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2005 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.0\n\n. \n\nTITLE:\nNortel Switched Firewall ISAKMP IKE Message Processing Denial of\nService\n\nSECUNIA ADVISORY ID:\nSA17608\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/17608/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom remote\n\nOPERATING SYSTEM:\nNortel Switched Firewall 5000 Series\nhttp://secunia.com/product/6126/\nNortel Switched Firewall 5100 Series\nhttp://secunia.com/product/6125/\nNortel Switched Firewall 6000 Series\nhttp://secunia.com/product/6124/\n\nDESCRIPTION:\nA vulnerability has been reported in Nortel Switched Firewall, which\npotentially can be exploited by malicious people to cause a DoS\n(Denial of Service). \r\n\r\nThe vulnerability is caused due to unspecified errors in the\nprocessing of IKEv1 Phase 1 protocol exchange messages. This may be\nexploited to cause a DoS via specially crafted IKE packets. \r\n\r\nThe vulnerability is related to:\r\nSA17553\n\nSOLUTION:\nRefer to the original advisory from Nortel Networks for instructions\nhow to apply fixes. \n\nORIGINAL ADVISORY:\nNortel Networks:\r\nhttp://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=367651\u0026RenditionID=\r\n\r\nNISCC:\r\nhttp://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en\n\nOTHER REFERENCES:\nSA17553:\r\nhttp://secunia.com/advisories/17553/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n \n The updated packages have been patched to correct this problem. \n _______________________________________________________________________\n\n References:\n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3732\n _______________________________________________________________________\n \n Updated Packages:\n \n Mandriva Linux 10.1:\n c1f74be6f3c46152881ded66022a3928 10.1/RPMS/ipsec-tools-0.2.5-2.2.101mdk.i586.rpm\n c8416853386be9e80b5f8ac6de16cf93 10.1/RPMS/libipsec-tools0-0.2.5-2.2.101mdk.i586.rpm\n 278751ee3fca05321059c67f39f1a0f0 10.1/SRPMS/ipsec-tools-0.2.5-2.2.101mdk.src.rpm\n\n Mandriva Linux 10.1/X86_64:\n 5d3d19d02d0d5a8eb5fcc237768fb07f x86_64/10.1/RPMS/ipsec-tools-0.2.5-2.2.101mdk.x86_64.rpm\n 464dadc90a736f6312a6c143c12a4cce x86_64/10.1/RPMS/lib64ipsec-tools0-0.2.5-2.2.101mdk.x86_64.rpm\n 278751ee3fca05321059c67f39f1a0f0 x86_64/10.1/SRPMS/ipsec-tools-0.2.5-2.2.101mdk.src.rpm\n\n Mandriva Linux 10.2:\n 75b061a206ba4a943904d384e489036c 10.2/RPMS/ipsec-tools-0.5-4.2.102mdk.i586.rpm\n 3c17715ce5bd1e63347e844bca518fa3 10.2/RPMS/libipsec0-0.5-4.2.102mdk.i586.rpm\n c221e9fbca14cc956df812605aa67b96 10.2/RPMS/libipsec0-devel-0.5-4.2.102mdk.i586.rpm\n 313ae7a9fd1eceb117515c61f19f0a2a 10.2/SRPMS/ipsec-tools-0.5-4.2.102mdk.src.rpm\n\n Mandriva Linux 10.2/X86_64:\n 2de25a175eff7fbb77758993965110a5 x86_64/10.2/RPMS/ipsec-tools-0.5-4.2.102mdk.x86_64.rpm\n ff5095c574441578b6e6e1c9384bf05c x86_64/10.2/RPMS/lib64ipsec0-0.5-4.2.102mdk.x86_64.rpm\n db6e3f33dc2326528a4c22e199e2c0fa x86_64/10.2/RPMS/lib64ipsec0-devel-0.5-4.2.102mdk.x86_64.rpm\n 313ae7a9fd1eceb117515c61f19f0a2a x86_64/10.2/SRPMS/ipsec-tools-0.5-4.2.102mdk.src.rpm\n\n Mandriva Linux 2006.0:\n a3881692a4ee81a3e4759500691ba86d 2006.0/RPMS/ipsec-tools-0.5.2-5.1.20060mdk.i586.rpm\n 4523963e017054a149cc9c6c46e6fa39 2006.0/RPMS/libipsec0-0.5.2-5.1.20060mdk.i586.rpm\n 9208a98bc79efce31e8bf08c5a409431 2006.0/RPMS/libipsec0-devel-0.5.2-5.1.20060mdk.i586.rpm\n 390a8547034610a0ebd6a30f8752c36d 2006.0/SRPMS/ipsec-tools-0.5.2-5.1.20060mdk.src.rpm\n\n Mandriva Linux 2006.0/X86_64:\n 89c02c5eebb80544fb54cf8876183d92 x86_64/2006.0/RPMS/ipsec-tools-0.5.2-5.1.20060mdk.x86_64.rpm\n 833ab780f0ef3eb86da1c2aa82746c72 x86_64/2006.0/RPMS/lib64ipsec0-0.5.2-5.1.20060mdk.x86_64.rpm\n d875aeb7f90b36eba89ff2e2b901a3cc x86_64/2006.0/RPMS/lib64ipsec0-devel-0.5.2-5.1.20060mdk.x86_64.rpm\n 390a8547034610a0ebd6a30f8752c36d x86_64/2006.0/SRPMS/ipsec-tools-0.5.2-5.1.20060mdk.src.rpm\n\n Multi Network Firewall 2.0:\n 3a441d674beb304f607975502cb2f302 mnf/2.0/RPMS/ipsec-tools-0.2.5-0.4.M20mdk.i586.rpm\n 109a0184382426bd065df6000f64189d mnf/2.0/RPMS/libipsec-tools0-0.2.5-0.4.M20mdk.i586.rpm\n 96dacbdb35121f2f876d1bb19cb00c24 mnf/2.0/SRPMS/ipsec-tools-0.2.5-0.4.M20mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.4 (GNU/Linux)\n\niD8DBQFD19iemqjQ0CJFipgRAp9rAKC7w5Jflg/c/KBy6kdNDiGF8YbgWQCeIbM4\nLUncx0ejSC2hQ5/zFlDZKjg=\n=qhPu\n-----END PGP SIGNATURE-----\n\n. ===========================================================\nUbuntu Security Notice USN-221-1\t December 01, 2005\nipsec-tools vulnerability\nCVE-2005-3732\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 4.10 (Warty Warthog)\nUbuntu 5.04 (Hoary Hedgehog)\nUbuntu 5.10 (Breezy Badger)\n\nThe following packages are affected:\n\nracoon\n\nThe problem can be corrected by upgrading the affected package to\nversion 0.3.3-1ubuntu0.2 (for Ubuntu 4.10), 1:0.5-5ubuntu0.1 (for\nUbuntu 5.04), or 1:0.6-1ubuntu1.1 (for Ubuntu 5.10). In general, a\nstandard system upgrade is sufficient to effect the necessary changes. When the daemon\nis configured to use aggressive mode, then it did not check whether\nthe peer sent all required payloads during the IKE negotiation phase. \nA malicious IPsec peer could exploit this to crash the racoon daemon. \n\nPlease be aware that racoon is not officially supported by Ubuntu, the\npackage is in the \u0027universe\u0027 component of the archive. \n\nUpdated packages for Ubuntu 4.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2.diff.gz\n Size/MD5: 191462 3f68d0eb625f920ef3ab5e4e1a2b942f\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2.dsc\n Size/MD5: 705 8c92ea1c2b68e7e335892c10020bafc2\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3.orig.tar.gz\n Size/MD5: 864122 b141da8ae299c8fdc53e536f6bbc3ad0\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2_amd64.deb\n Size/MD5: 106260 491ea714d329c5b0d6b8283c7579140f\n http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.2_amd64.deb\n Size/MD5: 201510 7c3c1d31969a6924bfe0afbf6f56b468\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2_i386.deb\n Size/MD5: 101224 5e35a5bfca069cf88d0d349ad86b3cf8\n http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.2_i386.deb\n Size/MD5: 186400 0627a043d0f0ad1e05830d57c35666f2\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2_powerpc.deb\n Size/MD5: 108966 67f208c020df5f1194ab71a0569004f2\n http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.2_powerpc.deb\n Size/MD5: 196078 2acd7c40b8a56db688fc8ac8484272da\n\nUpdated packages for Ubuntu 5.04:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1.diff.gz\n Size/MD5: 41200 47ee31ab5776589dd049a90f0437865b\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1.dsc\n Size/MD5: 660 cad8e0faad2316aa0a65e28880548f58\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5.orig.tar.gz\n Size/MD5: 883484 57de611b23eb141173698478e9b64474\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1_amd64.deb\n Size/MD5: 80430 47b366f44e0c8fb49ea43500161a6419\n http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.5-5ubuntu0.1_amd64.deb\n Size/MD5: 301450 9fd3f818fc41641ed0e691f69b23c441\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1_i386.deb\n Size/MD5: 75606 390fe7eb94e2e519bef1a0df6b6d46b5\n http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.5-5ubuntu0.1_i386.deb\n Size/MD5: 276974 baef582ea75ecaf240298d2917b79fac\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1_powerpc.deb\n Size/MD5: 83030 7880cae89438386a5b9f676760eff1be\n http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.5-5ubuntu0.1_powerpc.deb\n Size/MD5: 296838 f417446dce53652608242e1798663622\n\nUpdated packages for Ubuntu 5.10:\n\n Source archives:\n\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1.diff.gz\n Size/MD5: 49677 79084ce144e4b54267f69876d8104387\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1.dsc\n Size/MD5: 685 c22deb12d9a0943e3a66aad1a83c3857\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.orig.tar.gz\n Size/MD5: 905983 2cd85d36012b4d2c6947f7c17ad45b3e\n\n amd64 architecture (Athlon64, Opteron, EM64T Xeon)\n\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1_amd64.deb\n Size/MD5: 85086 e894b1b0168138fdb46d0c55095252bf\n http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.6-1ubuntu1.1_amd64.deb\n Size/MD5: 326258 1e7da4aa300a082cdf8034639de4f0a0\n\n i386 architecture (x86 compatible Intel/AMD)\n\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1_i386.deb\n Size/MD5: 78912 b46dd5373458dd5500b2513edc6ceec8\n http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.6-1ubuntu1.1_i386.deb\n Size/MD5: 298016 5df2e64e0ac064876aa21d29c086f902\n\n powerpc architecture (Apple Macintosh G3/G4/G5)\n\n http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1_powerpc.deb\n Size/MD5: 86902 c7c905f335db1bae382af11fe659d335\n http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.6-1ubuntu1.1_powerpc.deb\n Size/MD5: 319518 1a7abc7fd9645d47d045f63d9f980528\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3732"
},
{
"db": "CERT/CC",
"id": "VU#226364"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000685"
},
{
"db": "BID",
"id": "15523"
},
{
"db": "PACKETSTORM",
"id": "47207"
},
{
"db": "PACKETSTORM",
"id": "42278"
},
{
"db": "PACKETSTORM",
"id": "41586"
},
{
"db": "PACKETSTORM",
"id": "43428"
},
{
"db": "PACKETSTORM",
"id": "42029"
}
],
"trust": 3.06
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2005-3732",
"trust": 3.1
},
{
"db": "BID",
"id": "15523",
"trust": 2.7
},
{
"db": "SECUNIA",
"id": "17668",
"trust": 2.4
},
{
"db": "SECUNIA",
"id": "17621",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "17553",
"trust": 1.6
},
{
"db": "CERT/CC",
"id": "VU#226364",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "20210",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "17822",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "17980",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "18616",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "18742",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "18115",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "19833",
"trust": 1.6
},
{
"db": "VUPEN",
"id": "ADV-2005-2521",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1015254",
"trust": 1.6
},
{
"db": "SECUNIA",
"id": "17608",
"trust": 0.9
},
{
"db": "SECUNIA",
"id": "17663",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "17838",
"trust": 0.8
},
{
"db": "SECUNIA",
"id": "17684",
"trust": 0.8
},
{
"db": "AUSCERT",
"id": "ESB-2005.0924",
"trust": 0.8
},
{
"db": "BID",
"id": "15401",
"trust": 0.8
},
{
"db": "BID",
"id": "15474",
"trust": 0.8
},
{
"db": "BID",
"id": "15420",
"trust": 0.8
},
{
"db": "BID",
"id": "15479",
"trust": 0.8
},
{
"db": "BID",
"id": "17902",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000685",
"trust": 0.8
},
{
"db": "DEBIAN",
"id": "DSA-965",
"trust": 0.6
},
{
"db": "SGI",
"id": "20060501-01-U",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200512-04",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FLSA-2006:190941",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDKSA-2006:020",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2006:0267",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SA:2005:070",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20051214 RE: [ GLSA 200512-04 ] OPENSWAN, IPSEC-TOOLS: VULNERABILITIES IN ISAK MP PROTOCOL IMPLEMENTATION",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[IPSEC-TOOLS-DEVEL] 20051120 POTENTIAL DOS FIXED IN IPSEC-TOOLS",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-221-1",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200511-313",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "47207",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42278",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "41586",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "43428",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "42029",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#226364"
},
{
"db": "BID",
"id": "15523"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000685"
},
{
"db": "PACKETSTORM",
"id": "47207"
},
{
"db": "PACKETSTORM",
"id": "42278"
},
{
"db": "PACKETSTORM",
"id": "41586"
},
{
"db": "PACKETSTORM",
"id": "43428"
},
{
"db": "PACKETSTORM",
"id": "42029"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-313"
},
{
"db": "NVD",
"id": "CVE-2005-3732"
}
]
},
"id": "VAR-200511-0061",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 1.0
},
"last_update_date": "2022-05-29T21:11:57.981000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20051114-ipsec",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml"
},
{
"title": "HPSBUX02076",
"trust": 0.8,
"url": "http://www2.itrc.hp.com/service/cki/docdisplay.do?docid=c00555601"
},
{
"title": "HPSBUX02076",
"trust": 0.8,
"url": "http://h50221.www5.hp.com/upassist/itrc_japan/assist2/secbltn/hp-ux/hpsbux02076.html"
},
{
"title": "PSN-2005-11-007",
"trust": 0.8,
"url": "http://www.juniper.net/support/security/alerts/psn-2005-11-007.txt"
},
{
"title": "AXSA-2006-65:1",
"trust": 0.8,
"url": "http://www.miraclelinux.com/support/update/list.php?errata_id=362"
},
{
"title": "RHSA-2006:0267",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2006-0267.html"
},
{
"title": "102246",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-1"
},
{
"title": "102246",
"trust": 0.8,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102246-3"
},
{
"title": "SYM05-025",
"trust": 0.8,
"url": "http://securityresponse.symantec.com/avcenter/security/content/2005.11.21.html"
},
{
"title": "cisco-sa-20051114-ipsec",
"trust": 0.8,
"url": "http://www.cisco.com/japanese/warp/public/3/jp/service/tac/707/cisco-sa-20051114-ipsec-j.shtml"
},
{
"title": "SYM05-025",
"trust": 0.8,
"url": "http://www.symantec.com/region/jp/avcenter/security/content/2005.11.21.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.checkpoint.co.jp/"
},
{
"title": "RHSA-2006:0267",
"trust": 0.8,
"url": "http://www.jp.redhat.com/support/errata/rhsa/rhsa-2006-0267j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2005-000685"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-399",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2005-3732"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.niscc.gov.uk/niscc/docs/re-20051114-01014.pdf?lang=en"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/15523"
},
{
"trust": 2.2,
"url": "http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3\u0026r2=1.20.2.4\u0026diff_format=u"
},
{
"trust": 1.9,
"url": "http://sourceforge.net/mailarchive/forum.php?thread_id=9017454\u0026forum_id=32000"
},
{
"trust": 1.9,
"url": "http://rhn.redhat.com/errata/rhsa-2006-0267.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/17553/"
},
{
"trust": 1.7,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/"
},
{
"trust": 1.6,
"url": "http://jvn.jp/niscc/niscc-273756/index.html"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/17621/"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/17668"
},
{
"trust": 1.6,
"url": "http://www.novell.com/linux/security/advisories/2005_70_ipsec.html"
},
{
"trust": 1.6,
"url": "http://www.mandriva.com/security/advisories?name=mdksa-2006:020"
},
{
"trust": 1.6,
"url": "http://www.gentoo.org/security/en/glsa/glsa-200512-04.xml"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2006/dsa-965"
},
{
"trust": 1.6,
"url": "http://securitytracker.com/id?1015254"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/20210"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/19833"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/18742"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/18616"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/18115"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/17980"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/17822"
},
{
"trust": 1.6,
"url": "http://archives.neohapsis.com/archives/bugtraq/2005-12/0161.html"
},
{
"trust": 1.6,
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-u.asc"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3732"
},
{
"trust": 1.0,
"url": "http://www.vupen.com/english/advisories/2005/2521"
},
{
"trust": 1.0,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9857"
},
{
"trust": 1.0,
"url": "https://usn.ubuntu.com/221-1/"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/436343/100/0/threaded"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/17608/"
},
{
"trust": 0.8,
"url": "http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp"
},
{
"trust": 0.8,
"url": "http://www.ficora.fi/suomi/tietoturva/varoitukset/varoitus-2005-82.htm"
},
{
"trust": 0.8,
"url": "http://www.auscert.org.au/5748"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/17684/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/17668/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/17663/"
},
{
"trust": 0.8,
"url": "http://secunia.com/advisories/17838/"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2005/2470"
},
{
"trust": 0.8,
"url": "http://www.frsirt.com/english/advisories/2005/2406"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2005-3732"
},
{
"trust": 0.8,
"url": "http://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/17902"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/15479"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/15474"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/15420"
},
{
"trust": 0.8,
"url": "http://www.securityfocus.com/bid/15401"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/226364"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2005/2521"
},
{
"trust": 0.6,
"url": "http://www.ubuntulinux.org/support/documentation/usn/usn-221-1"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/436343/100/0/threaded"
},
{
"trust": 0.6,
"url": "http://frontal2.mandriva.com/security/advisories?name=mdksa-2006:020"
},
{
"trust": 0.3,
"url": "http://www.us.debian.org/security/2006/dsa-965"
},
{
"trust": 0.3,
"url": "http://sourceforge.net/project/shownotes.php?release_id=372605\u0026group_id=74601"
},
{
"trust": 0.3,
"url": "http://ipsec-tools.sourceforge.net/"
},
{
"trust": 0.1,
"url": "http://download.fedoralegacy.org/fedora/2/updates/i386/ipsec-tools-0.5-2.fc2.1.legacy.i386.rpm"
},
{
"trust": 0.1,
"url": "https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=190941"
},
{
"trust": 0.1,
"url": "http://download.fedoralegacy.org/fedora/3/updates/i386/ipsec-tools-0.5-2.fc3.1.legacy.i386.rpm"
},
{
"trust": 0.1,
"url": "http://www.fedoralegacy.org/docs"
},
{
"trust": 0.1,
"url": "http://download.fedoralegacy.org/fedora/2/updates/srpms/ipsec-tools-0.5-2.fc2.1.legacy.src.rpm"
},
{
"trust": 0.1,
"url": "http://www.fedoralegacy.org"
},
{
"trust": 0.1,
"url": "http://download.fedoralegacy.org/fedora/3/updates/srpms/ipsec-tools-0.5-2.fc3.1.legacy.src.rpm"
},
{
"trust": 0.1,
"url": "http://www.fedoralegacy.org/about/security.php"
},
{
"trust": 0.1,
"url": "http://download.fedoralegacy.org/fedora/3/updates/x86_64/ipsec-tools-0.5-2.fc3.1.legacy.x86_64.rpm"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2005-3671"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/glsa/glsa-200512-04.xml"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.0"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6124/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=bltndetail\u0026documentoid=367651\u0026renditionid="
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6125/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6126/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.6-1ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.6-1ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2.dsc"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2005-3732"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6-1ubuntu1.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.5-5ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.5-5ubuntu0.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.5-5ubuntu0.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.5-5ubuntu0.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.6-1ubuntu1.1_powerpc.deb"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#226364"
},
{
"db": "BID",
"id": "15523"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000685"
},
{
"db": "PACKETSTORM",
"id": "47207"
},
{
"db": "PACKETSTORM",
"id": "42278"
},
{
"db": "PACKETSTORM",
"id": "41586"
},
{
"db": "PACKETSTORM",
"id": "43428"
},
{
"db": "PACKETSTORM",
"id": "42029"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-313"
},
{
"db": "NVD",
"id": "CVE-2005-3732"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#226364"
},
{
"db": "BID",
"id": "15523"
},
{
"db": "JVNDB",
"id": "JVNDB-2005-000685"
},
{
"db": "PACKETSTORM",
"id": "47207"
},
{
"db": "PACKETSTORM",
"id": "42278"
},
{
"db": "PACKETSTORM",
"id": "41586"
},
{
"db": "PACKETSTORM",
"id": "43428"
},
{
"db": "PACKETSTORM",
"id": "42029"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-313"
},
{
"db": "NVD",
"id": "CVE-2005-3732"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2005-11-17T00:00:00",
"db": "CERT/CC",
"id": "VU#226364"
},
{
"date": "2005-11-22T00:00:00",
"db": "BID",
"id": "15523"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000685"
},
{
"date": "2006-06-11T03:26:47",
"db": "PACKETSTORM",
"id": "47207"
},
{
"date": "2005-12-14T07:27:58",
"db": "PACKETSTORM",
"id": "42278"
},
{
"date": "2005-11-19T21:56:12",
"db": "PACKETSTORM",
"id": "41586"
},
{
"date": "2006-01-27T07:38:51",
"db": "PACKETSTORM",
"id": "43428"
},
{
"date": "2005-12-02T17:01:28",
"db": "PACKETSTORM",
"id": "42029"
},
{
"date": "2005-11-21T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200511-313"
},
{
"date": "2005-11-21T22:03:00",
"db": "NVD",
"id": "CVE-2005-3732"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2006-01-03T00:00:00",
"db": "CERT/CC",
"id": "VU#226364"
},
{
"date": "2006-11-24T20:35:00",
"db": "BID",
"id": "15523"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2005-000685"
},
{
"date": "2005-11-28T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200511-313"
},
{
"date": "2018-10-19T15:38:00",
"db": "NVD",
"id": "CVE-2005-3732"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "43428"
},
{
"db": "PACKETSTORM",
"id": "42029"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-313"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IPSec-Tools IKE Message Handling Denial of Service Vulnerability",
"sources": [
{
"db": "BID",
"id": "15523"
},
{
"db": "CNNVD",
"id": "CNNVD-200511-313"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200511-313"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.