Lucene search
K

2813 matches found

securityvulns
securityvulns
added 2004/04/16 12:0 a.m.43 views

Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability Revision 1.0 For Public Release 2004 April 15 1600 UTC GMT ---------------------------------------------------------------------- Contents Summary Details...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2004/04/09 12:0 a.m.22 views

Cisco Security Advisory: Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability Revision 1.0 For Public Release 2004 April 8 at 1600 UTC GMT ---------------------------------------------------------------------- Contents Summary Affected...

Exploits0
CERT
CERT
added 2004/04/09 12:0 a.m.49 views

KAME Racoon IKE daemon fails to properly verify client RSA signatures

Overview The KAME Racoon IKE daemon fails to properly verify client RSA signatures when using Main or Aggressive Mode during a Phase 1 IKE exchange. Description Racoon is an IKE Key Management daemon that negotiates and configures a set of parameters for IPSec. When authenticating a peer in Phase...

7.5CVSS7.2AI score0.03625EPSS
Exploits0References6
securityvulns
securityvulns
added 2004/04/09 12:0 a.m.35 views

Cisco IPSec VPN module IKE DoS

Device crashes on malformed IKE packet...

1.7AI score
Exploits0References1Affected Software2
Cisco
Cisco
added 2004/04/08 4:0 p.m.21 views

Cisco IPSec Malformed IKE Packet Vulnerability

...

5CVSS1.9AI score0.02008EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/04/08 12:0 a.m.25 views

Cisco IPSec VPNSM IKE Packet DoS (CSCed30113)

The remote router contains a version of IOS which has multiple flaws when dealing with malformed IKE packets. CISCO identifies this vulnerability as bug id CSCed30113 An attacker may use this flaw to render this router inoperable C Tenable Network Security include"compat.inc"; ifdescription...

5CVSS5.5AI score0.02008EPSS
Exploits0References1
Gentoo Linux
Gentoo Linux
added 2004/04/07 12:0 a.m.17 views

ipsec-tools contains an X.509 certificates vulnerability.

Background From http://ipsec-tools.sourceforge.net/ : "IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation." Description racoon a utility in the ipsec-tools package does not verify digital signatures on Phase1 packets. This means that anybody holding the correct...

0.6AI score
Exploits0
Cvelist
Cvelist
added 2004/03/25 5:0 a.m.31 views

CVE-2004-0219

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service crash via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite...

6.4AI score0.0311EPSS
Exploits0References7
securityvulns
securityvulns
added 2004/01/14 12:0 a.m.31 views

unauthorized deletion of IPsec (and ISAKMP) SAs in racoon

0 Preface Now that most bugs in isakmpd that allowed for unauthorized SA deletion are "fixed", it's time to release some information on racoon. By the way: About 5 months ago I tried to contact the KAME developers. 1 Description racoon, KAME's IKE daemon, contains some flaws, that allow for...

0.1AI score
Exploits0
NVD
NVD
added 2004/01/05 5:0 a.m.15 views

CVE-2003-1004

Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service dropped IPSec tunnel connection via an IKE Phase I negotiation request to the outside interface of the firewall...

5CVSS6.7AI score0.01273EPSS
Exploits0References1
securityvulns
securityvulns
added 2004/01/03 12:0 a.m.32 views

Re: multiple payload handling flaws in isakmpd, again

There is one important thing I forgot to mention. In isakmpd deleting an IPsec SA also means deleting the appropriate IPsec policy in almost any case. Take a look at pfkeyv2deletespi in pfkeyv2.c. It calls pfkeyv2disablesa, the policy eraser ;-, if the SA was not acquired through the kernel: if...

1.4AI score
Exploits0
CVE
CVE
added 2003/12/17 5:0 a.m.57 views

CVE-2003-1004

Cisco PIX firewall versions 6.2.x through 6.2.3, when configured as a VPN Client, are affected by CVE-2003-1004. A remote attacker can cause a denial of service (dropped IPSec tunnel) by sending an IKE Phase I negotiation request to the firewall’s outside interface. The connected sources consiste...

5CVSS6.7AI score0.01273EPSS
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2003/12/15 12:0 a.m.34 views

Cisco PIX multiple bugs

SNMPv3 message causes device to reboot. If device is configured as VPN client and another VPN client connects IPSec tunnel may be broken during IKE phase...

1.9AI score
Exploits0References1Affected Software1
NVD
NVD
added 2003/06/09 4:0 a.m.26 views

CVE-2003-0242

IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies...

7.5CVSS6.6AI score0.03215EPSS
Exploits0References6
NVD
NVD
added 2003/05/27 4:0 a.m.21 views

CVE-2003-0258

Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication...

7.5CVSS6.7AI score0.02158EPSS
Exploits0References3
Cvelist
Cvelist
added 2003/05/17 4:0 a.m.24 views

CVE-2003-0242

IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies...

6.6AI score0.03215EPSS
Exploits0References6
CVE
CVE
added 2003/05/17 4:0 a.m.51 views

CVE-2003-0242

Mac OS X IPSec before 10.2.6 is affected by a vulnerability in how incoming security policies that match by port are processed. The IPSec implementation may allow traffic that should be blocked by policy, potentially bypassing ACLs and reaching a host that should not be reachable. At a high level...

7.5CVSS6.6AI score0.03215EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2003/05/08 4:0 a.m.57 views

CVE-2003-0258

CVE-2003-0258 affects Cisco VPN 3000 Series Concentrators and Cisco VPN 3002 Hardware Client (3.5.x–4.0.REL). When IPSec over TCP is enabled for a port on the concentrator, traffic forwarded on that port may be delivered to all hosts on the protected network, not only those using IPsec, enabling ...

7.5CVSS6.7AI score0.02158EPSS
Exploits0References3Affected Software7
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.37 views

CVE-2002-0414

KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database SPD, which could cause a Security Gateway SG that does not use Encapsulating Security Payload ESP to forward forged IPv4 packets...

6.5AI score0.01404EPSS
Exploits0References6
CVE
CVE
added 2003/04/02 5:0 a.m.56 views

CVE-2002-0414

Affected software: KAME-derived IPsec implementations on NetBSD 1.5.2, FreeBSD 4.5, and other OSes. Vulnerability: the implementation does not properly consult the Security Policy Database (SPD), which can allow a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to for...

7.5CVSS6.9AI score0.01404EPSS
Exploits0References6Affected Software3
Rows per page
Query Builder