int(1981)

Boletines de Vulnerabilidades


Múltiples vulnerabilidades en IPSec IKE

Clasificación de la vulnerabilidad

Propiedad Valor
Nivel de Confianza Oficial
Impacto Denegación de Servicio
Dificultad Experto
Requerimientos del atacante Acceso remoto sin cuenta a un servicio estandar

Información sobre el sistema

Propiedad Valor
Fabricante afectado Networking
Software afectado Cisco IOS 12.2SXD, 12.3T, 12.4, 12.4T
Cisco PIX Firewall < 6.3(5)
Cisco PIX Firewall/ASA < 7.0.1.4
Cisco Firewall Services Module (FWSM) < 2.3(3)
Cisco VPN 3000 Series Concentrators < 4.1(7)H, 4.7(2)B
Cisco MDS Series SanOS < 2.1(2)
Solaris 9 / SPARC, x86
Solaris 10 / SPARC, x86
Symantec Enterprise Firewall
Symantec Gateway Security
Symantec Firewall /VPN Appliance
Symantec Gateway Security
Juniper/Netscreen ScreenOS
Juniper JUNOS E/M/T/J-series routers
Checkpoint VPN-1 Pro (VPN-1/FW-1)
Checkpoint VPN-1 Edge
Checkpoint Safe@
HP Tru64 UNIX 5.1B-3
HP Tru64 UNIX 5.1B-2/PK4

Descripción

Se han descubierto múltiples vulnerabilidades en varias implementaciones del protocolo IPSec IKE. La vulnerabilidad reside en el manejo de mensajes IPSec IKE (Internet Key Exchange).

Un atacante remoto podría causar una denegación de servicio mediante un paquete IKE especialmente diseñado.

Solución



Actualización de software

Cisco
Ver tabla de actualizaciones en:
http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml#software

Sun
Solaris 9 / SPARC / patch 113451-11
Solaris 9 / x86 / patch 114435-10
Solaris 10 / SPARC / patch 118371-07
Solaris 10 / x86 / patch 118372-07
http://sunsolve.sun.com/pub-cgi/show.pl?target=patchpage

Hewlett-Packard
HP Jetdirect 635n / J7961A V.31.08
http://www.hp.com/go/dlm_sw
HP-UX B.11.00 / HP-UX IPSec A.01.05.01
HP-UX B.11.11 / HP-UX IPSec A.01.07.02
HP-UX B.11.11 / HP-UX IPSec A.02.01
HP-UX B.11.23 / HP-UX IPSec A.02.01
http://www.hp.com/go/softwaredepot
HP Tru64 UNIX / 5.1B-3 ERP Kit
http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1000381-V51BB26-ES-20060216
HP Tru64 UNIX / 5.1B-2/PK4 ERP Kit
http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1000407-V51BB25-ES-20060217

Symantec
Symantec Enterprise Firewall / Windows / 8.0 / SEF8.0-20051114-00
http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8/files.html
Symantec Enterprise Firewall / Solaris / 8.0 / SEF8.0-20051114-00
http://www.symantec.com/techsupp/enterprise/products/sym_ent_firewall/sym_ent_fw_8_sol/files.html
Symantec Gateway Security 5000 Series / 3.0 / SGS3.0-2005114-02
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_5600_3/files.html
Symantec Gateway Security 5400 / 2.0.1 / SGS2.0.1-20051114-00
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_201_5400/files.html
Symantec Gateway Security 5310 / 1.0 / SG7004-20051114-00
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5310/files.html
Symantec Gateway Security 5200,5300 / 1.0 / SG7004-20051114-00
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_52005300/files.html
Symantec Gateway Security 5100 / SG7004-20051114-00
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sym_gw_security_1_5110/files.html
Symantec Firewall, VPN Appliance / 200,200R / Build 1.8F
http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_200r/files.html
Symantec Firewall, VPN Appliance / 100 / Build 1.8F
http://www.symantec.com/techsupp/enterprise/products/sym_fw_vpn_appliance/sym_fw_vpn_appliance_100/files.html
Symantec Gateway Security 400 / 2.0 / Build 1103
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_2_400/files.html
Symantec Gateway Security 300 / 2.0 / Build 1103
http://www.symantec.com/techsupp/enterprise/products/sym_gateway_security/sgs_300s_2/files.html

Juniper
ScreenOS 5.0.0r10d / 5XP, 5XT, 25, 50, 204, 208, 500, 5200/5400-M1 usando 8g, 24FE line cards
ScreenOS 5.0.0r10b / 5GT, 5GT-WLAN, 5GT-ADSL
ScreenOS 5.0.0r10a / ISG-1000, ISG-2000
ScreenOS 5.0.0-M2.r9a / 5200-M2/5400-M2 usando 8G, 24FE line cards
ScreenOS 5.2.0r3 / 5XT, 5GT, 5GT-ADSL, 25, 50, 204, 208, 500, ISG-2000, 5200/5400-M1, 5200/5400-M2
JUNOSe / E-series routers / releases 5-2-4p0-8, 5-2-5, 5-3-4p0-5, 6-0-2p0-5, 6-0-3, 6-1-1p0-7, 6-1-2, 7-0-0p0-1, 7-0-1, 7-1-0
JUNOS / M/T/J-series routers / Release 6.4 y posterior
http://www.juniper.net/support/security/alerts/PSN-2005-11-007.txt

Checkpoint
VPN-1/Firewall-1 NG with AI R54 / HFA_417
VPN-1/Firewall-1 NG with AI R55 / HFA_16
VPN-1/Firewall-1 NG with AI R55W / HFA_04
VPN-1/Firewall-1 NG with AI R55P / HFA_06
VPN-1 Pro NGX R60 / HFA_01
VPN-1 Pro NGX R60A
VPN-1 Edge, Safe@ appliances / firmware 5.0.94
http://www.checkpoint.com/techsupport/hfa.html

Identificadores estándar

Propiedad Valor
CVE CVE-2005-3669
CVE-2005-3674
CVE-2005-3768
CVE-2005-3733
CVE-2005-3673
BID

Recursos adicionales

NISCC Vulnerability Advisory (273756/NISCC/ISAKMP)
http://www.uniras.gov.uk/niscc/docs/br-20051114-01013.html?lang=en

Cisco Security Advisory (68158)
http://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml

Sun Alert Notification (102040)
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102040-1

HP SECURITY BULLETIN (HPSBPI02078)
http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBPI02078

HP SECURITY BULLETIN (HPSBUX02076)
http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX02076

HP SECURITY BULLETIN (HPSBTU02100)
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c00602119

Symantec Security Advisory (SYM05-025)
http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html

Juniper Bulletin PSN-2005-11-007
http://www.juniper.net/support/security/alerts/PSN-2005-11-007.txt

Checkpoint Solution document ID: #sk31316
http://secureknowledge.us.checkpoint.com/SecureKnowledge/login.do?OriginalAction=solution&id=sk31316

Histórico de versiones

Versión Comentario Fecha
1.0 Aviso emitido 2005-11-16
1.1 Avisos emitidos por HP (HPSBPI02078, HPSBUX02076) 2005-11-21
1.2 Aviso emitido por Symantec (SYM05-025) 2005-11-23
1.3 CAN añadido. Aviso emitido por Juniper (PSN-2005-11-007). Aviso emitido por Checkpoint (sk31316) 2006-01-10
1.4 Aviso emitido por HP (HPSBTU02100) 2006-03-07
1.5 Aviso emitido por Sun (102246) 2006-05-08

Miembros de

Ministerio de Defensa
CNI
CCN
CCN-CERT