Lucene search

MitreCVE-2005-3768

HistoryNov 23, 2005 - 12:03 a.m.

CVE-2005-3768

2005-11-2300:03:00

mitre

web.nvd.nist.gov

cve-2005-3768

buffer overflow

ikev1

symantec

dynamic vpn services

enterprise firewall

gateway security

firewall

vulnerability

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.016

Percentile

87.3%

JSON

Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

Affected configurations

Nvd

Node

symantecenterprise_firewallMatch8.0solaris

symantecenterprise_firewallMatch8.0windows

Node

symantecfirewall_vpn_appliance_100

symantecfirewall_vpn_appliance_200

symantecgateway_security_300Match2.0

symantecgateway_security_400Match2.0

symantecgateway_security_5000_seriesMatch3.0

symantecgateway_security_5100

symantecgateway_security_5300Match1.0

symantecgateway_security_5310Match1.0

symantecgateway_security_5400Match2.0.1

VendorProductVersionCPE
symantecenterprise_firewall8.0cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*
symantecenterprise_firewall8.0cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows:*:*:*:*:*
symantecfirewall_vpn_appliance_100*cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*
symantecfirewall_vpn_appliance_200*cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*
symantecgateway_security_3002.0cpe:2.3:h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:*
symantecgateway_security_4002.0cpe:2.3:h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:*
symantecgateway_security_5000_series3.0cpe:2.3:h:symantec:gateway_security_5000_series:3.0:*:*:*:*:*:*:*
symantecgateway_security_5100*cpe:2.3:h:symantec:gateway_security_5100:*:*:*:*:*:*:*:*
symantecgateway_security_53001.0cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*
symantecgateway_security_53101.0cpe:2.3:h:symantec:gateway_security_5310:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	enterprise_firewall	8.0	cpe:2.3:a:symantec:enterprise_firewall:8.0::solaris:::::
symantec	enterprise_firewall	8.0	cpe:2.3:a:symantec:enterprise_firewall:8.0::windows:::::
symantec	firewall_vpn_appliance_100	*	cpe:2.3:h:symantec:firewall_vpn_appliance_100::::::::
symantec	firewall_vpn_appliance_200	*	cpe:2.3:h:symantec:firewall_vpn_appliance_200::::::::
symantec	gateway_security_300	2.0	cpe:2.3:h:symantec:gateway_security_300:2.0:::::::*
symantec	gateway_security_400	2.0	cpe:2.3:h:symantec:gateway_security_400:2.0:::::::*
symantec	gateway_security_5000_series	3.0	cpe:2.3:h:symantec:gateway_security_5000_series:3.0:::::::*
symantec	gateway_security_5100	*	cpe:2.3:h:symantec:gateway_security_5100::::::::
symantec	gateway_security_5300	1.0	cpe:2.3:h:symantec:gateway_security_5300:1.0:::::::*
symantec	gateway_security_5310	1.0	cpe:2.3:h:symantec:gateway_security_5310:1.0:::::::*

Rows per page:

1-10 of 111

References

secunia.com/advisories/17684

securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html

securitytracker.com/id?1015247

securitytracker.com/id?1015248

securitytracker.com/id?1015249

www.vupen.com/english/advisories/2005/2517

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.016

Percentile

87.3%

JSON

Related for CVE-2005-3768