2803 matches found
CVE-2005-2359
The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session...
CVE-2005-2359
The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session...
CVE-2005-2359
The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session...
CVE-2005-2359
CVE-2005-2359: In FreeBSD 5.3 and 5.4, a programming error in the AES-XCBC-MAC implementation causes a constant key to be used for authentication when IPsec is used without encryption. This allows an attacker to forge packets and establish an IPsec session, compromising integrity of that channel....
FreeBSD IPSec authentication bypass
Static key is used for AES-XCBC-MAC algorithm...
FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:19.ipsec Security Advisory The FreeBSD Project Topic: Incorrect key usage in AES-XCBC-MAC Category: core Module: netinet6 Announced: 2005-07-27 Credits: Yukiyo...
FreeBSD-SA-05:19.ipsec
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:19.ipsec Security Advisory The FreeBSD Project Topic: Incorrect key usage in AES-XCBC-MAC Category: core Module: netinet6 Announced: 2005-07-27 Credits: Yukiyo...
ipsec -- Incorrect key usage in AES-XCBC-MAC
Problem description A programming error in the implementation of the AES-XCBC-MAC algorithm for authentication resulted in a constant key being used instead of the key specified by the system administrator. Impact If the AES-XCBC-MAC algorithm is used for authentication in the absence of any...
[Full-disclosure] ICMP attacks against TCP: Conclusions
Folks, My posts to this list have tried to show how easy it is to perform ICMP attacks against TCP. The attacks are blind, so the attacker does not need to be a "man in the middle" to perform then. The typical number of packets required to perform any of these attacks is about 16000 in many cases...
SSH IPSEC Express 4.0.1 VPN Detection
Binary data 3083.prm...
SSH IPSEC Express 4.0.0 VPN Detection
Binary data 3082.prm...
SSH IPSEC Express 4.2.0 VPN Detection
Binary data 3085.prm...
SSH IPSEC Express 1.1.1 VPN Detection
Binary data 3072.prm...
SSH IPSEC Express 4.1.0 VPN Detection
Binary data 3084.prm...
SSH IPSEC Express 2.0.0 VPN Detection
Binary data 3076.prm...
SSH IPSEC Express 2.1.2 VPN Detection
Binary data 3079.prm...
SSH IPSEC Express 1.1.0 VPN Detection
Binary data 3071.prm...
SSH IPSEC Express 1.2.2 VPN Detection
Binary data 3075.prm...
SSH IPSEC Express 3.0.0 VPN Detection
Binary data 3080.prm...
SSH IPSEC Express 2.1.0 VPN Detection
Binary data 3077.prm...