Lucene search

[email protected]NVD:CVE-2005-3768

HistoryNov 23, 2005 - 12:03 a.m.

CVE-2005-3768

2005-11-2300:03:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.016

Percentile

87.3%

JSON

Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.

Affected configurations

Nvd

Node

symantecenterprise_firewallMatch8.0solaris

symantecenterprise_firewallMatch8.0windows

Node

symantecfirewall_vpn_appliance_100

symantecfirewall_vpn_appliance_200

symantecgateway_security_300Match2.0

symantecgateway_security_400Match2.0

symantecgateway_security_5000_seriesMatch3.0

symantecgateway_security_5100

symantecgateway_security_5300Match1.0

symantecgateway_security_5310Match1.0

symantecgateway_security_5400Match2.0.1

VendorProductVersionCPE
symantecenterprise_firewall8.0cpe:2.3:a:symantec:enterprise_firewall:8.0:*:solaris:*:*:*:*:*
symantecenterprise_firewall8.0cpe:2.3:a:symantec:enterprise_firewall:8.0:*:windows:*:*:*:*:*
symantecfirewall_vpn_appliance_100*cpe:2.3:h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*
symantecfirewall_vpn_appliance_200*cpe:2.3:h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*
symantecgateway_security_3002.0cpe:2.3:h:symantec:gateway_security_300:2.0:*:*:*:*:*:*:*
symantecgateway_security_4002.0cpe:2.3:h:symantec:gateway_security_400:2.0:*:*:*:*:*:*:*
symantecgateway_security_5000_series3.0cpe:2.3:h:symantec:gateway_security_5000_series:3.0:*:*:*:*:*:*:*
symantecgateway_security_5100*cpe:2.3:h:symantec:gateway_security_5100:*:*:*:*:*:*:*:*
symantecgateway_security_53001.0cpe:2.3:h:symantec:gateway_security_5300:1.0:*:*:*:*:*:*:*
symantecgateway_security_53101.0cpe:2.3:h:symantec:gateway_security_5310:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	enterprise_firewall	8.0	cpe:2.3:a:symantec:enterprise_firewall:8.0::solaris:::::
symantec	enterprise_firewall	8.0	cpe:2.3:a:symantec:enterprise_firewall:8.0::windows:::::
symantec	firewall_vpn_appliance_100	*	cpe:2.3:h:symantec:firewall_vpn_appliance_100::::::::
symantec	firewall_vpn_appliance_200	*	cpe:2.3:h:symantec:firewall_vpn_appliance_200::::::::
symantec	gateway_security_300	2.0	cpe:2.3:h:symantec:gateway_security_300:2.0:::::::*
symantec	gateway_security_400	2.0	cpe:2.3:h:symantec:gateway_security_400:2.0:::::::*
symantec	gateway_security_5000_series	3.0	cpe:2.3:h:symantec:gateway_security_5000_series:3.0:::::::*
symantec	gateway_security_5100	*	cpe:2.3:h:symantec:gateway_security_5100::::::::
symantec	gateway_security_5300	1.0	cpe:2.3:h:symantec:gateway_security_5300:1.0:::::::*
symantec	gateway_security_5310	1.0	cpe:2.3:h:symantec:gateway_security_5310:1.0:::::::*

Rows per page:

1-10 of 111

References

secunia.com/advisories/17684

securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html

securitytracker.com/id?1015247

securitytracker.com/id?1015248

securitytracker.com/id?1015249

www.vupen.com/english/advisories/2005/2517

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

Confidence

High

EPSS

0.016

Percentile

87.3%

JSON

Related for NVD:CVE-2005-3768

cve1 cvelist1 cisco1