EUVD-2005-2360

Malware in sbrugna...

FreeBSD Security Advisory (FreeBSD-SA-05:19.ipsec.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:19.ipsec.asc ADV FreeBSD-SA-05:19.ipsec.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft...

FreeBSD Security Advisory (FreeBSD-SA-05:19.ipsec.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-05:19.ipsec.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2005-2359

The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session...

CVE-2005-2359

The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session...

CVE-2005-2359

CVE-2005-2359: In FreeBSD 5.3 and 5.4, a programming error in the AES-XCBC-MAC implementation causes a constant key to be used for authentication when IPsec is used without encryption. This allows an attacker to forge packets and establish an IPsec session, compromising integrity of that channel....

CVE-2005-2359

The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session...

FreeBSD IPSec authentication bypass

Static key is used for AES-XCBC-MAC algorithm...

ipsec -- Incorrect key usage in AES-XCBC-MAC

Problem description A programming error in the implementation of the AES-XCBC-MAC algorithm for authentication resulted in a constant key being used instead of the key specified by the system administrator. Impact If the AES-XCBC-MAC algorithm is used for authentication in the absence of any...

FreeBSD-SA-05:19.ipsec

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:19.ipsec Security Advisory The FreeBSD Project Topic: Incorrect key usage in AES-XCBC-MAC Category: core Module: netinet6 Announced: 2005-07-27 Credits: Yukiyo...