2813 matches found
Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability Revision 1.0 For Public Release 2004 April 15 1600 UTC GMT ---------------------------------------------------------------------- Contents Summary Details...
Cisco Security Advisory: Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability Revision 1.0 For Public Release 2004 April 8 at 1600 UTC GMT ---------------------------------------------------------------------- Contents Summary Affected...
KAME Racoon IKE daemon fails to properly verify client RSA signatures
Overview The KAME Racoon IKE daemon fails to properly verify client RSA signatures when using Main or Aggressive Mode during a Phase 1 IKE exchange. Description Racoon is an IKE Key Management daemon that negotiates and configures a set of parameters for IPSec. When authenticating a peer in Phase...
Cisco IPSec VPN module IKE DoS
Device crashes on malformed IKE packet...
Cisco IPSec Malformed IKE Packet Vulnerability
...
Cisco IPSec VPNSM IKE Packet DoS (CSCed30113)
The remote router contains a version of IOS which has multiple flaws when dealing with malformed IKE packets. CISCO identifies this vulnerability as bug id CSCed30113 An attacker may use this flaw to render this router inoperable C Tenable Network Security include"compat.inc"; ifdescription...
ipsec-tools contains an X.509 certificates vulnerability.
Background From http://ipsec-tools.sourceforge.net/ : "IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation." Description racoon a utility in the ipsec-tools package does not verify digital signatures on Phase1 packets. This means that anybody holding the correct...
CVE-2004-0219
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service crash via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite...
unauthorized deletion of IPsec (and ISAKMP) SAs in racoon
0 Preface Now that most bugs in isakmpd that allowed for unauthorized SA deletion are "fixed", it's time to release some information on racoon. By the way: About 5 months ago I tried to contact the KAME developers. 1 Description racoon, KAME's IKE daemon, contains some flaws, that allow for...
CVE-2003-1004
Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service dropped IPSec tunnel connection via an IKE Phase I negotiation request to the outside interface of the firewall...
Re: multiple payload handling flaws in isakmpd, again
There is one important thing I forgot to mention. In isakmpd deleting an IPsec SA also means deleting the appropriate IPsec policy in almost any case. Take a look at pfkeyv2deletespi in pfkeyv2.c. It calls pfkeyv2disablesa, the policy eraser ;-, if the SA was not acquired through the kernel: if...
CVE-2003-1004
Cisco PIX firewall versions 6.2.x through 6.2.3, when configured as a VPN Client, are affected by CVE-2003-1004. A remote attacker can cause a denial of service (dropped IPSec tunnel) by sending an IKE Phase I negotiation request to the firewall’s outside interface. The connected sources consiste...
Cisco PIX multiple bugs
SNMPv3 message causes device to reboot. If device is configured as VPN client and another VPN client connects IPSec tunnel may be broken during IKE phase...
CVE-2003-0242
IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies...
CVE-2003-0258
Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication...
CVE-2003-0242
IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies...
CVE-2003-0242
Mac OS X IPSec before 10.2.6 is affected by a vulnerability in how incoming security policies that match by port are processed. The IPSec implementation may allow traffic that should be blocked by policy, potentially bypassing ACLs and reaching a host that should not be reachable. At a high level...
CVE-2003-0258
CVE-2003-0258 affects Cisco VPN 3000 Series Concentrators and Cisco VPN 3002 Hardware Client (3.5.x–4.0.REL). When IPSec over TCP is enabled for a port on the concentrator, traffic forwarded on that port may be delivered to all hosts on the protected network, not only those using IPsec, enabling ...
CVE-2002-0414
KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database SPD, which could cause a Security Gateway SG that does not use Encapsulating Security Payload ESP to forward forged IPv4 packets...
CVE-2002-0414
Affected software: KAME-derived IPsec implementations on NetBSD 1.5.2, FreeBSD 4.5, and other OSes. Vulnerability: the implementation does not properly consult the Security Policy Database (SPD), which can allow a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to for...