2803 matches found
SSH IPSEC Express 1.2.1 VPN Detection
Binary data 3074.prm...
SSH IPSEC Express 2.1.1 VPN Detection
Binary data 3078.prm...
SSH IPSEC Express 3.0.1 VPN Detection
Binary data 3081.prm...
SSH IPSEC Express 1.1.2 VPN Detection
Binary data 3073.prm...
CVE-2004-2230
CVE-2004-2230 : Heap-based buffer overflow in isakmpd on OpenBSD 3.4–3.6 allows local users to trigger a denial of service (panic) and memory corruption via IPSEC credentials on a socket. Affected software: OpenBSD’s isakmpd (versions 3.4–3.6). Root cause: heap-based overflow in handling IPSEC cr...
CVE-2004-2230
Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket...
OpenBSD ip_ctloutput() DoS
An error in the "ip_ctloutput" function can be exploited by using "getsockopt" to retrieve IPsec credentials for a socket...
Cisco IOS Easy VPN Server fails to properly process ISAKMP profile attributes
Overview: Cisco IOS Easy VPN Server fails to properly process ISAKMP profile attributes. This may allow a remote, unauthenticated attacker to access the private network. Description: Easy VPN Server: Cisco IOS Easy VPN Server allows an IOS device to function as a VPN concentrator, providing...
Cisco IOS Easy VPN Server may allow unauthorized users to complete XAUTH authentication
Overview: A vulnerability in Cisco IOS Easy VPN Server may allow unauthorized users to complete XAUTH authentication and potentially access private network resources. Description: Easy VPN Server: Cisco IOS Easy VPN Server allows an IOS device to function as a VPN concentrator, providing...
CVE-2005-1802
Nortel VPN Router (also known as Contivity) is affected by CVE-2005-1802. A remote attacker can cause a denial of service (crash) by sending an IPsec IKE packet with a malformed ISAKMP header. The available documents identify the vulnerable component as the IPsec/IKE handling, but do not provide ...
CVE-2005-1802
Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header...
Fedora Core 2 : ipsec-tools-0.5-2.fc2 (2005-216)
This update fixes a potential DoS in parsing ISAKMP headers in racoon. CVE-2005-0398 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
CVE-2005-0039
Certain configurations of IPsec, when using Encapsulating Security Payload (ESP) in tunnel mode, integrity protection at a higher layer, or Authentication Header (AH), allow remote attackers to decrypt IPSec communications by modifying the outer packet in ways that cause plaintext data from the inner...
CVE-2005-0039
CVE-2005-0039 describes vulnerabilities in IPsec configurations where using ESP in tunnel mode (with CBC mode) or AH without proper integrity protections allows an attacker to modify the outer packet and cause the inner, encrypted data to be exposed in plaintext via ICMP messages. The attacks inc...
IPSec information leak
If ESP is used without integrity control, it's possible to obtain plaintext data in an ICMP error message by modifying the source packet...
NISCC Vulnerability Advisory IPSEC - 004033
Abstract: Three attacks that apply to certain configurations of IPsec have been identified. These configurations use Encapsulating Security Payload (ESP) in tunnel mode with confidentiality only, or with integrity protection being provided by a higher layer protocol. Some configurations using AH to...
IPsec configurations may be vulnerable to information disclosure
Overview: The IPsec Encapsulating Security Payload protocol used in tunneling mode may be vulnerable to multiple attacks when confidentiality mode is used without integrity protection, or in certain cases where integrity protection is provided by higher-level protocols. Description: The IP Security...
Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords
Greetings, There appear to be some deficiencies in both the documentation of the 'md5' authentication methodology in pg_hba.conf and in the md5 hash generation which is stored in pg_shadow. The md5 hash which is generated for and stored in pg_shadow does not use a random salt but instead uses the...