Vulnerability Name: CVE-2005-4570 (CCN-23033) Assigned: 2005-11-14 Published: 2005-11-14 Updated: 2011-03-08 Summary: The Internet Key Exchange version 1 (IKEv1) implementations in Fortinet FortiOS 2.50, 2.80 and 3.0, FortiClient 2.0,; and FortiManager 2.80 and 3.0 allow remote attackers to cause a denial of service (termination of a process that is automatically restarted) via IKE packets with invalid values of certain IPSec attributes, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. Note CVE-2005-3666 , CVE-2005-3667 , and/or CVE-2005-3668 this issue applies to. CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-Other Vulnerability Consequences: Gain Access References: Source: CCNSSRT5979 - HP Jetdirect 635n IPv6/IPsec Print Server (J7961A) Remote Denial of Service (DoS) CVE-2005-3666 CVE-2005-3667 CVE-2005-3668 CVE-2005-3669 CVE-2005-3670 CVE-2005-3671 CVE-2005-3672 CVE-2005-3673 CVE-2005-3674 CVE-2005-3732 CVE-2005-3733 CVE-2005-3768 CVE-2005-3915 CVE-2005-3985 CVE-2005-4321 CVE-2005-4465 CVE-2005-4564 CVE-2005-4565 CVE-2005-4566 CVE-2005-4570 CVE-2006-0718 CVE-2006-1268 CVE-2006-1646 IPsec-Tools Homepage ipsec-tools security update Cisco ISAKMP IKE Message Processing Denial of Service Sun Solaris in.iked ISAKMP IKE Message Processing Denial of Service StoneGate Firewall and VPN ISAKMP IKE Message Processing Denial of Service Juniper JUNOS/JUNOSe/ScreenOS ISAKMP IKE Message Processing Denial of Service Openswan ISAKMP IKE Message Processing Denial of Service HP JetDirect Print Server IPSec Denial of Service Check Point Firewall/VPN ISAKMP IKE Message Processing Denial of Service Clavister Products ISAKMP IKE Message Processing Denial of Service IPsec-Tools ISAKMP IKE Message Processing Denial of Service Symantec Firewall/VPN/Gateway ISAKMP Message Processing Denial of Service Astaro Security Linux ISAKMP Denial of Service Vulnerability Apani EpiForce Agent ISAKMP IKE Message Processing Denial of Service NEC UNIVERGE ISAKMP IKE Message Processing Denial of Service ADTRAN NetVanta Products ISAKMP IKE Message Processing Vulnerabilities Fortinet Products ISAKMP IKE Message Processing Vulnerabilities 18446 Avaya CSU/VSU ISAKMP IKE Message Processing Vulnerabilities HP Tru64 UNIX IPSEC/ISAKMP Processing Denial of Service Funkwerk X2300 ISAKMP IKE Message Processing Vulnerabilities NetBSD racoon IKE Message Processing Denial of Service Symantec Dynamic VPN Services: ISAKMP Denial of Service Cisco IOS IPSec IKE Processing Lets Remote Users Deny Service Cisco VPN 3000 IPSec IKE Processing Lets Remote Users Deny Service Cisco Firewall Services Module IKE Processing Lets Remote Users Deny Service Cisco MDS IKE Processing Lets Remote Users Deny Service Cisco PIX Firewall IKE Processing Lets Remote Users Deny Service Juniper JUNOS/JUNOSe IKE Processing Lets Remote Users Deny Service Sun Solaris IKE Processing Lets Remote Users Deny Service Openswan IKE Processing Lets Remote Users Deny Service HP JetDirect 635n Print Server IKE Processing Lets Remote Users Deny Service HP-UX IPSec IKE Processing Lets Remote Users Deny Service Check Point FireWall-1/VPN-1 IPSec IKE Processing Lets Remote Users Deny Service Symantec Enterprise Firewall IPSec IKE Processing Lets Remote Users Deny Service Symantec Gateway Security IPSec IKE Processing Lets Remote Users Deny Service Symantec Firewall/VPN Appliance IPSec IKE Processing Lets Remote Users Deny Service IPSec-tools IKE Processing Lets Remote Users Deny Service Apani Networks EpiForce IPSec IKE Processing Lets Remote Users Deny Service HP Tru64 UNIX IPSec IKE Processing Lets Remote Users Deny Service Multiple Vulnerabilities in IKEv1 (US-CERT-VU#226364 NISCC-273756) ipsec-tools security update (RHSA-2006-0267) VPN ISAKMP Message Processing Denial of Service Multiple Vulnerabilities Found by PROTOS IPSec Test Suite ipsec-tools -- null dereference http://www.fortinet.com/FortiGuardCenter/VU226364.html Funkwerk Enterprise Communications [bintec X2300 Family] Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation Juniper Networks JUNOS Juniper Networks JUNOSe Multiple vulnerabilities in Internet Key Exchange (IKE) version 1 implementations Multiple Vulnerability Issues in Implementation of ISAKMP Protocol Multiple Vendor ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) Funkwerk X2300 Crafted IKE Packet DoS (ISAKP PROTOS) Cisco Multiple Products ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) Openswan ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) FreeS/WAN ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) Juniper Multiple Products ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) Secgo Crypto IP Products ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) Solaris in.iked ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) KAME Racoon ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) OpenBSD isakmpd(8) ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) Nortel Switched Firewall ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) Check Point FW-1 ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) StoneGate Firewall / VPN ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) Astaro Security Linux ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) HP Tru64 UNIX ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) IPsec-Tools ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) BlackBerry ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) Symantec Multiple Products ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) Clavister Products ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) APANI Networks EpiForce ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) NEC UNIVERGE ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) Fortinet Multiple Products ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) Avaya CSU/VSU ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) HP-UX IPSec ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) HP JetDirect Print Server ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) ADTRAN NetVanta Products (split) ISAKMP Protocol Unspecified Malformed Input Remote DoS (PROTOS) ADTRAN NetVanta Products (split) ISAKMP Protocol Unspecified Remote Overflow (PROTOS) ADTRAN NetVanta Products (split) ISAKMP Protocol Unspecified Remote Format String (PROTOS) Secgo Cisco IPSec Unspecified IKE Traffic Denial Of Service Vulnerabilities Juniper Networks Routers ISAKMP IKE Traffic Multiple Unspecified Vulnerabilities Secgo Software Crypto IP Gateway/Client IKEv1 Traffic Multiple Unspecified Vulnerabilities Stonesoft StoneGate Firewall/VPN Client IKEv1 Traffic Multiple Unspecified Vulnerabilities Openswan IKE Traffic Denial Of Service Vulnerabilities Sun Solaris LibIKE IKE Exchange Denial Of Service Vulnerability HP Jetdirect 635n IPv6/IPsec Print Server IKE Exchange Denial Of Service Vulnerability HP-UX IKE Exchange Denial Of Service Vulnerabilities Check Point Firewall-1 and VPN-1 ISAKMP IKE Unspecified Denial of Service Vulnerability Symantec Dynamic VPN Services IKE Traffic Denial Of Service Vulnerabilities IPSec-Tools IKE Message Handling Denial of Service Vulnerability Multiple Clavister Products IKE Exchange Denial Of Service Vulnerabilities Astaro Security Linux ISAKMP IKE Traffic Denial of Service Vulnerability APANI Networks EpiForce Agent Denial Of Service Vulnerability 15997 Multiple Fortinet Products IKE Exchange Denial Of Service Vulnerabilities NEC UNIVERGE IX1000/IX2000/IX3000 IKE Exchange Denial Of Service Vulnerabilities ADTRAN NetVanta Products IKE Traffic Multiple Unspecified Vulnerabilities Avaya VSU/CSU Products ISAKMP IKE Traffic Denial of Service Vulnerability HP Tru64 IKE Exchange Denial Of Service Vulnerabilities Funkwerk X2300 Unspecified Denial Of Service Vulnerability IKE Vulnerabilities in StoneGate Firewall ipsec-tools vulnerability ADV-2006-0182 ISAKMP Vulnerability isakmp-improper-packet-handling(23033) Stonesoft Products Downloads freeswanopenswanipsec-tools denial of service Vulnerable Configuration: Configuration 1 :cpe:/o:fortinet:fortios:2.50:*:*:*:*:*:*:* OR cpe:/o:fortinet:fortios:2.80:*:*:*:*:*:*:* OR cpe:/o:fortinet:fortios:3.0:*:*:*:*:*:*:* Configuration 2 :cpe:/a:fortinet:forticlient:2.0:*:*:*:*:*:*:* OR cpe:/h:fortinet:fortimanager:2.80:*:*:*:*:*:*:* OR cpe:/h:fortinet:fortimanager:3.0:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/h:cisco:pix_firewall_520:*:*:*:*:*:*:*:* OR cpe:/h:cisco:pix_firewall_501:*:*:*:*:*:*:*:* OR cpe:/a:cisco:pix_firewall:6.1.5(104):*:*:*:*:*:*:* OR cpe:/o:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:* OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:* OR cpe:/h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:* OR cpe:/h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:* OR cpe:/h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_server:8:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:* OR cpe:/h:cisco:mds_9000:*:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3t:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:9.1:*:*:*:*:*:*:* OR cpe:/a:checkpoint:vpn-1_firewall-1_next_generation:-:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:* OR cpe:/a:symantec:enterprise_firewall:8.0:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xe:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:9.2:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.2sxd:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xd:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xf:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xg:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xh:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xi:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xj:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xk:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xm:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xq:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xr:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xs:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xu:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xx:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3xw:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3ya:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3yd:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3yf:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3yg:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3yh:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3yj:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:* OR cpe:/h:symantec:gateway_security:5300_1.0:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3yi:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3yk:*:*:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:* OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:* OR cpe:/o:cisco:ios:12.3ys:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3:*:*:*:*:*:*:* OR cpe:/a:mandrakesoft:mandrake_multi_network_firewall:2.0:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3yq:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3yt:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3yu:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.4t:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3yw:*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:10.0:*:oss:*:*:*:*:* OR cpe:/o:cisco:ios:12.3tpc:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.4xa:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.4xb:*:*:*:*:*:*:* OR cpe:/h:juniper:junos:-:*:*:*:*:*:*:* OR cpe:/o:juniper:junos_e:*:*:*:*:*:*:*:* OR cpe:/o:cisco:pix_firewall:6.3.3_(133):*:*:*:*:*:*:* OR cpe:/h:symantec:gateway_security:5400_2.0.1:*:*:*:*:*:*:* OR cpe:/h:symantec:gateway_security:5310_1.0:*:*:*:*:*:*:* OR cpe:/h:symantec:gateway_security:5200_1.0:*:*:*:*:*:*:* OR cpe:/h:symantec:gateway_security_5100:*:*:*:*:*:*:*:* OR cpe:/h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:* OR cpe:/h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3ym:*:*:*:*:*:*:* OR cpe:/o:cisco:ios:12.3yx:*:*:*:*:*:*:* OR cpe:/o:suse:linux_enterprise_server:9:*:*:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:x86-64:*:*:*:*:* OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:x86-64:*:*:*:*:* OR cpe:/o:cisco:ios:12.4:*:*:*:*:*:*:* OR cpe:/h:cisco:firewall_services_module:1.1.2:*:*:*:*:*:*:* OR cpe:/h:cisco:firewall_services_module:1.1.3:*:*:*:*:*:*:* OR cpe:/h:hp:jetdirect_635n:*:*:*:*:*:*:*:* OR cpe:/a:cisco:pix_firewall:6.1.5(104):*:*:*:*:*:*:* OR cpe:/o:suse:suse_linux:9.3:*:*:*:*:*:*:* BACK
fortinet fortios 2.50
fortinet fortios 2.80
fortinet fortios 3.0
fortinet forticlient 2.0
fortinet fortimanager 2.80
fortinet fortimanager 3.0
cisco pix firewall 520 *
cisco pix firewall 501 *
cisco pix firewall 6.1.5(104)
cisco pix firewall 6.2.2_.111
gentoo linux *
symantec firewall vpn appliance 100 *
symantec firewall vpn appliance 200 *
symantec firewall vpn appliance 200r *
suse linux enterprise server 8
redhat enterprise linux 3
redhat enterprise linux 3
redhat enterprise linux 3
cisco mds 9000 *
cisco ios 12.3t
suse suse linux 9.1
checkpoint vpn-1 firewall-1 next generation -
redhat enterprise linux 3
symantec enterprise firewall 8.0
cisco ios 12.3xe
suse suse linux 9.2
mandrakesoft mandrake linux 10.1
cisco ios 12.2sxd
cisco ios 12.3xd
cisco ios 12.3xf
cisco ios 12.3xg
cisco ios 12.3xh
cisco ios 12.3xi
cisco ios 12.3xj
cisco ios 12.3xk
cisco ios 12.3xm
cisco ios 12.3xq
cisco ios 12.3xr
cisco ios 12.3xs
cisco ios 12.3xu
cisco ios 12.3xx
cisco ios 12.3xw
cisco ios 12.3ya
cisco ios 12.3yd
cisco ios 12.3yf
cisco ios 12.3yg
cisco ios 12.3yh
cisco ios 12.3yj
redhat enterprise linux 4
redhat enterprise linux 4
symantec gateway security 5300_1.0
cisco ios 12.3yi
cisco ios 12.3yk
redhat enterprise linux 4
redhat enterprise linux 4
cisco ios 12.3ys
cisco ios 12.3
mandrakesoft mandrake multi network firewall 2.0
cisco ios 12.3yq
cisco ios 12.3yt
cisco ios 12.3yu
cisco ios 12.4t
cisco ios 12.3yw
suse suse linux 10.0
cisco ios 12.3tpc
cisco ios 12.4xa
cisco ios 12.4xb
juniper junos -
juniper junos e *
cisco pix firewall 6.3.3_(133)
symantec gateway security 5400_2.0.1
symantec gateway security 5310_1.0
symantec gateway security 5200_1.0
symantec gateway security 5100 *
symantec gateway security 400 2.0
symantec gateway security 300 2.0
mandrakesoft mandrake linux 2006
cisco ios 12.3ym
cisco ios 12.3yx
suse linux enterprise server 9
mandrakesoft mandrake linux 10.1
mandrakesoft mandrake linux 2006
cisco ios 12.4
cisco firewall services module 1.1.2
cisco firewall services module 1.1.3
hp jetdirect 635n *
cisco pix firewall 6.1.5(104)
suse suse linux 9.3
Denotes that component is vulnerable