6.4

CVE-2005-0039

EPSS 2.29%
Veröffentlicht 10.05.2005 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Certain configurations of IPsec, when using Encapsulating Security Payload (ESP) in tunnel mode, integrity protection at a higher layer, or Authentication Header (AH), allow remote attackers to decrypt IPSec communications by modifying the outer packet in ways that cause plaintext data from the inner packet to be returned in ICMP messages, as demonstrated using bit-flipping attacks and (1) Destination Address Rewriting, (2) a modified header length that causes portions of the packet to be interpreted as IP Options, or (3) a modified protocol field and source address.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Nissc ≫ Ipsec Version1.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.29%	0.832

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.4	10	4.9	AV:N/AC:L/Au:N/C:P/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://marc.info/?l=bugtraq&m=111566201610350&w=2

http://secunia.com/advisories/17938

http://securitytracker.com/id?1015320

http://www.kb.cert.org/vuls/id/302220

US Government Resource

http://www.niscc.gov.uk/niscc/docs/al-20050509-00386.html?lang=en

http://www.securityfocus.com/archive/1/407774

http://www.securityfocus.com/bid/13562

http://www.vupen.com/english/advisories/2005/0507

http://www.vupen.com/english/advisories/2005/2806

https://nvd.nist.gov/vuln/detail/CVE-2005-0039

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-0039

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-0039

EUVD