7.1
CVE-2008-1198
- EPSS 2.43%
- Veröffentlicht 06.03.2008 21:44:00
- Zuletzt bearbeitet 16.06.2026 22:51:12
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Enterprise Linux Version4.0
Redhat ≫ Enterprise Linux Version3.0
Redhat ≫ Enterprise Linux Version5.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.43% | 0.821 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.1 | 8.6 | 6.9 |
AV:N/AC:M/Au:N/C:C/I:N/A:N
|
http://secunia.com/advisories/48045
http://www.ernw.de/download/pskattack.pdf
http://www.securitytracker.com/id?1019563
https://bugzilla.redhat.com/show_bug.cgi?id=435274
https://exchange.xforce.ibmcloud.com/vulnerabilities/41053