131 matches found
Apache killer exploit modified for better Results
Apache killer exploit modified for better Results "4L4N4 K!LL3R" or Killapache DDOS tool exploit, previously coded by kingscope's , re-edited and coded by "S4uR4" , which kills apache and still many websites are vulnerable. S4uR4 rewrite this exploit on php/curl web based with agressive mode...
CVE-2010-4354
The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances ASA 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only when the group name is configured on the device,...
CVE-2010-4354
The CVE covers a vulnerability in Cisco VPN products where remote attackers could enumerate valid VPN group names by sending an IKE Aggressive Mode packet with the group name in the ID field. Affected devices include ASA 5500 series, PIX 500 series, and VPN Concentrators 3000 series. Root cause i...
CVE-2010-4354
The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances ASA 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only when the group name is configured on the device,...
Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
Cisco VPN Concentrator IKE resource exhaustion DoS Advisory 1. Overview NTA Monitor discovered a denial of service vulnerability in the Cisco VPN 3000 series concentrator products while performing a VPN security test for a customer in July 2005. The vulnerability affects Phase-1 of the IKE...
security flaw
The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service null dereference and crash via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for...
Ubuntu 4.10 / 5.04 / 5.10 : ipsec-tools vulnerability (USN-221-1)
The Oulu University Secure Programming Group discovered a remote Denial of Service vulnerability in the racoon daemon. When the daemon is configured to use aggressive mode, then it did not check whether the peer sent all required payloads during the IKE negotiation phase. A malicious IPsec peer...
SUSE-SA:2005:070: ipsec-tools,freeswan,openswan
The remote host is missing the patch for the advisory SUSE-SA:2005:070 ipsec-tools,freeswan,openswan. Openswan, Freeswan and raccoon ipsec-tools have been updated to fix crashes in aggressive mode. An attacker might send specially crafted packets that can crash racoon or Pluto. The ipsec-tools /...
USN-221-1: racoon vulnerability
The Oulu University Secure Programming Group discovered a remote Denial of Service vulnerability in the racoon daemon. When the daemon is configured to use aggressive mode, then it did not check whether the peer sent all required payloads during the IKE negotiation phase. A malicious IPsec peer...
CVE-2005-3732
The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service null dereference and crash via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for...
CVE-2005-3732
CVE-2005-3732 affects the IKEv1 racoon implementation in ipsec-tools (isakmp_agg.c) prior to version 0.6.3, when running in aggressive mode. A remote attacker can trigger a denial-of-service via a crafted IKE packet that dereferences a NULL pointer. Public advisories from Red Hat/CentOS (RHSA-200...
CVE-2005-3732
Removed by vendor...
CVE-2005-3732
The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service null dereference and crash via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for...
CVE-2005-3671
The Internet Key Exchange version 1 IKEv1 implementation in Openswan 2 openswan-2 before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.041.5.4-1.23, allow remote attackers to cause a denial of service via 1 a crafted packet using 3DES with an invalid key length, or 2 unspecified inputs when...
CVE-2005-3671
CVE-2005-3671 affects OpenSwan 2.x (pre-2.4.4) and Freeswan in SUSE Linux 9.1 (before 2.04_1.5.4-1.23). The vulnerability allows a remote attacker to cause a Denial of Service by processing specially crafted ISAKMP/IKEv1 data: (1) a crafted packet using 3DES with an invalid key length, or (2) uns...
CVE-2005-3671
The Internet Key Exchange version 1 IKEv1 implementation in Openswan 2 openswan-2 before 2.4.4, and freeswan in SUSE LINUX 9.1 before 2.041.5.4-1.23, allow remote attackers to cause a denial of service via 1 a crafted packet using 3DES with an invalid key length, or 2 unspecified inputs when...
CVE-2005-2640
The CVE describes a behavioral discrepancy information leak in Juniper Netscreen VPNs running ScreenOS 5.2.0 and earlier. When using IKE with pre-shared key authentication, remote attackers can enumerate valid usernames by sending an IKE Aggressive Mode packet: a response is generated for valid u...
CVE-2005-2640
Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but...
Juniper NetScreen 5.0 - VPN Username Enumeration
Juniper NetScreen 5.0 - VPN Username Enumeration source: https://www.securityfocus.com/bid/14595/info The Juniper Netscreen VPN implementation will identify valid usernames in IKE aggressive mode, when pre-shared key authentication is used. This allows for attackers to obtain a list of valid VPN...
Juniper NetScreen 5.0 - VPN 'Username' Enumeration
source: https://www.securityfocus.com/bid/14595/info The Juniper Netscreen VPN implementation will identify valid usernames in IKE aggressive mode, when pre-shared key authentication is used. This allows for attackers to obtain a list of valid VPN users. With a valid username, an attacker can...