Vulnerability Bulletins |
Múltiples vulnerabilidades en IPSec IKE |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Denegación de Servicio |
Dificulty | Experto |
Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
Property | Value |
Affected manufacturer | Networking |
Affected software |
Cisco IOS 12.2SXD, 12.3T, 12.4, 12.4T Cisco PIX Firewall < 6.3(5) Cisco PIX Firewall/ASA < 7.0.1.4 Cisco Firewall Services Module (FWSM) < 2.3(3) Cisco VPN 3000 Series Concentrators < 4.1(7)H, 4.7(2)B Cisco MDS Series SanOS < 2.1(2) Solaris 9 / SPARC, x86 Solaris 10 / SPARC, x86 Symantec Enterprise Firewall Symantec Gateway Security Symantec Firewall /VPN Appliance Symantec Gateway Security Juniper/Netscreen ScreenOS Juniper JUNOS E/M/T/J-series routers Checkpoint VPN-1 Pro (VPN-1/FW-1) Checkpoint VPN-1 Edge Checkpoint Safe@ HP Tru64 UNIX 5.1B-3 HP Tru64 UNIX 5.1B-2/PK4 |
Description |
|
Se han descubierto múltiples vulnerabilidades en varias implementaciones del protocolo IPSec IKE. La vulnerabilidad reside en el manejo de mensajes IPSec IKE (Internet Key Exchange). Un atacante remoto podría causar una denegación de servicio mediante un paquete IKE especialmente diseñado. |
|
Solution |
|
Actualización de software Cisco Ver tabla de actualizaciones en: http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml#software Sun Solaris 9 / SPARC / patch 113451-11 Solaris 9 / x86 / patch 114435-10 Solaris 10 / SPARC / patch 118371-07 Solaris 10 / x86 / patch 118372-07 http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage Hewlett-Packard HP Jetdirect 635n / J7961A V.31.08 http://www.hp.com/go/dlm_sw HP-UX B.11.00 / HP-UX IPSec A.01.05.01 HP-UX B.11.11 / HP-UX IPSec A.01.07.02 HP-UX B.11.11 / HP-UX IPSec A.02.01 HP-UX B.11.23 / HP-UX IPSec A.02.01 http://www.hp.com/go/softwaredepot HP Tru64 UNIX / 5.1B-3 ERP Kit http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1000381-V51BB26-ES-20060216 HP Tru64 UNIX / 5.1B-2/PK4 ERP Kit http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1000407-V51BB25-ES-20060217 Symantec Symantec Enterprise Firewall / Windows / 8.0 / SEF8.0-20051114-00 http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html Symantec Enterprise Firewall / Solaris / 8.0 / SEF8.0-20051114-00 http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html Symantec Gateway Security 5000 Series / 3.0 / SGS3.0-2005114-02 http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html Symantec Gateway Security 5400 / 2.0.1 / SGS2.0.1-20051114-00 http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html Symantec Gateway Security 5310 / 1.0 / SG7004-20051114-00 http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html Symantec Gateway Security 5200,5300 / 1.0 / SG7004-20051114-00 http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html Symantec Gateway Security 5100 / SG7004-20051114-00 http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html Symantec Firewall, VPN Appliance / 200,200R / Build 1.8F http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html Symantec Firewall, VPN Appliance / 100 / Build 1.8F http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html Symantec Gateway Security 400 / 2.0 / Build 1103 http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html Symantec Gateway Security 300 / 2.0 / Build 1103 http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html Juniper ScreenOS 5.0.0r10d / 5XP, 5XT, 25, 50, 204, 208, 500, 5200/5400-M1 usando 8g, 24FE line cards ScreenOS 5.0.0r10b / 5GT, 5GT-WLAN, 5GT-ADSL ScreenOS 5.0.0r10a / ISG-1000, ISG-2000 ScreenOS 5.0.0-M2.r9a / 5200-M2/5400-M2 usando 8G, 24FE line cards ScreenOS 5.2.0r3 / 5XT, 5GT, 5GT-ADSL, 25, 50, 204, 208, 500, ISG-2000, 5200/5400-M1, 5200/5400-M2 JUNOSe / E-series routers / releases 5-2-4p0-8, 5-2-5, 5-3-4p0-5, 6-0-2p0-5, 6-0-3, 6-1-1p0-7, 6-1-2, 7-0-0p0-1, 7-0-1, 7-1-0 JUNOS / M/T/J-series routers / Release 6.4 y posterior http://www.juniper.net/support/security/alerts/PSN-2005-11-007.txt Checkpoint VPN-1/Firewall-1 NG with AI R54 / HFA_417 VPN-1/Firewall-1 NG with AI R55 / HFA_16 VPN-1/Firewall-1 NG with AI R55W / HFA_04 VPN-1/Firewall-1 NG with AI R55P / HFA_06 VPN-1 Pro NGX R60 / HFA_01 VPN-1 Pro NGX R60A VPN-1 Edge, Safe@ appliances / firmware 5.0.94 http://www.checkpoint.com/techsupport/hfa.html |
|
Standar resources |
|
Property | Value |
CVE |
CVE-2005-3669 CVE-2005-3674 CVE-2005-3768 CVE-2005-3733 CVE-2005-3673 |
BID | |
Other resources |
|
NISCC Vulnerability Advisory (273756/NISCC/ISAKMP) http://www.uniras.gov.uk/niscc/docs/br-20051114-01013.html?lang=en Cisco Security Advisory (68158) http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml Sun Alert Notification (102040) http://sunsolve.sun.com/search/document.do?assetkey=1-26-102040-1 HP SECURITY BULLETIN (HPSBPI02078) http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBPI02078 HP SECURITY BULLETIN (HPSBUX02076) http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX02076 HP SECURITY BULLETIN (HPSBTU02100) http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c00602119 Symantec Security Advisory (SYM05-025) http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html Juniper Bulletin PSN-2005-11-007 http://www.juniper.net/support/security/alerts/PSN-2005-11-007.txt Checkpoint Solution document ID: #sk31316 http://secureknowledge.us.checkpoint.com/SecureKnowledge/login.do?OriginalAction=solution&id=sk31316 |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2005-11-16 |
1.1 | Avisos emitidos por HP (HPSBPI02078, HPSBUX02076) | 2005-11-21 |
1.2 | Aviso emitido por Symantec (SYM05-025) | 2005-11-23 |
1.3 | CAN añadido. Aviso emitido por Juniper (PSN-2005-11-007). Aviso emitido por Checkpoint (sk31316) | 2006-01-10 |
1.4 | Aviso emitido por HP (HPSBTU02100) | 2006-03-07 |
1.5 | Aviso emitido por Sun (102246) | 2006-05-08 |