CVE-2005-3669

Description

Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.

Affected products

• Cisco / adaptive_security_appliance_software7.0 – 7.0
• Cisco / firewall_services_module1.1.2 – 1.1.2
• Cisco / firewall_services_module1.1.3 – 1.1.3
• Cisco / firewall_services_module1.1_(3.005) – 1.1_(3.005)
• Cisco / firewall_services_module2.1_(0.208) – 2.1_(0.208)
• Cisco / firewall_services_module
• Cisco / IOS12.3xm – 12.3xm
• Cisco / IOS12.3xf – 12.3xf
• Cisco / IOS12.3xg – 12.3xg
• Cisco / IOS12.3xh – 12.3xh
• Cisco / IOS12.3xi – 12.3xi
• Cisco / IOS12.3xj – 12.3xj
• Cisco / IOS12.3xk – 12.3xk
• Cisco / IOS12.3xq – 12.3xq
• Cisco / IOS12.4xb – 12.4xb
• Cisco / IOS12.4xa – 12.4xa
• Cisco / IOS12.4t – 12.4t
• Cisco / IOS12.4 – 12.4
• Cisco / IOS12.3yx – 12.3yx
• Cisco / IOS12.3yw – 12.3yw
• Cisco / IOS12.3yu – 12.3yu
• Cisco / IOS12.3yt – 12.3yt
• Cisco / IOS12.3ys – 12.3ys
• Cisco / IOS12.3yq – 12.3yq
• Cisco / IOS12.3ym – 12.3ym
• Cisco / IOS12.3yk – 12.3yk
• Cisco / IOS12.3yj – 12.3yj
• Cisco / IOS12.3yi – 12.3yi
• Cisco / IOS12.3yh – 12.3yh
• Cisco / IOS12.3yg – 12.3yg
• Cisco / IOS12.3yf – 12.3yf
• Cisco / IOS12.3yd – 12.3yd
• Cisco / IOS12.3ya – 12.3ya
• Cisco / IOS12.3xx – 12.3xx
• Cisco / IOS12.3xw – 12.3xw
• Cisco / IOS12.3xu – 12.3xu
• Cisco / IOS12.3xs – 12.3xs
• Cisco / IOS12.3xr – 12.3xr
• Cisco / IOS12.2sxd – 12.2sxd
• Cisco / IOS12.3t – 12.3t
• Cisco / IOS12.3tpc – 12.3tpc
• Cisco / IOS12.3xd – 12.3xd
• Cisco / IOS12.3xe – 12.3xe
• Cisco / mds_9000
• Cisco / mds_9000_san-os1.3(3.33) – 1.3(3.33)
• Cisco / mds_9000_san-os2.0(0.86) – 2.0(0.86)
• Cisco / mds_9000_san-os1.3(4a) – 1.3(4a)
• Cisco / pix_firewall6.3.3_(133) – 6.3.3_(133)
• Cisco / pix_firewall6.2.3_(110) – 6.2.3_(110)
• Cisco / pix_firewall6.2.2_.111 – 6.2.2_.111
• Cisco / pix_firewall_software6.3(3.109) – 6.3(3.109)
• Cisco / pix_firewall_software5.2(2) – 5.2(2)
• Cisco / pix_firewall_software5.2(3.210) – 5.2(3.210)
• Cisco / pix_firewall_software5.2(5) – 5.2(5)
• Cisco / pix_firewall_software5.2(6) – 5.2(6)
• Cisco / pix_firewall_software5.2(7) – 5.2(7)
• Cisco / pix_firewall_software5.2(9) – 5.2(9)
• Cisco / pix_firewall_software5.3 – 5.3
• Cisco / pix_firewall_software5.3(1) – 5.3(1)
• Cisco / pix_firewall_software5.3(1.200) – 5.3(1.200)
• Cisco / pix_firewall_software5.3(2) – 5.3(2)
• Cisco / pix_firewall_software5.3(3) – 5.3(3)
• Cisco / pix_firewall_software6.0 – 6.0
• Cisco / pix_firewall_software6.0(1) – 6.0(1)
• Cisco / pix_firewall_software6.0(2) – 6.0(2)
• Cisco / pix_firewall_software6.0(3) – 6.0(3)
• Cisco / pix_firewall_software6.0(4) – 6.0(4)
• Cisco / pix_firewall_software6.0(4.101) – 6.0(4.101)
• Cisco / pix_firewall_software6.1 – 6.1
• Cisco / pix_firewall_software6.1(1) – 6.1(1)
• Cisco / pix_firewall_software6.1(2) – 6.1(2)
• Cisco / pix_firewall_software6.1(3) – 6.1(3)
• Cisco / pix_firewall_software6.1(4) – 6.1(4)
• Cisco / pix_firewall_software6.1(5) – 6.1(5)
• Cisco / pix_firewall_software6.1.5(104) – 6.1.5(104)
• Cisco / pix_firewall_software6.2 – 6.2
• Cisco / pix_firewall_software6.2(1) – 6.2(1)
• Cisco / pix_firewall_software6.2(2) – 6.2(2)
• Cisco / pix_firewall_software6.2(3) – 6.2(3)
• Cisco / pix_firewall_software6.2(3.100) – 6.2(3.100)
• Cisco / pix_firewall_software6.3 – 6.3
• Cisco / pix_firewall_software6.3(1) – 6.3(1)
• Cisco / pix_firewall_software6.3(2) – 6.3(2)
• Cisco / pix_firewall_software6.3(3.102) – 6.3(3.102)
• Cisco / pix_firewall_software2.7 – 2.7
• Cisco / pix_firewall_software3.0 – 3.0
• Cisco / pix_firewall_software3.1 – 3.1
• Cisco / pix_firewall_software4.0 – 4.0
• Cisco / pix_firewall_software4.1(6) – 4.1(6)
• Cisco / pix_firewall_software4.1(6b) – 4.1(6b)
• Cisco / pix_firewall_software4.2 – 4.2
• Cisco / pix_firewall_software4.2(1) – 4.2(1)
• Cisco / pix_firewall_software4.2(2) – 4.2(2)
• Cisco / pix_firewall_software4.2(5) – 4.2(5)
• Cisco / pix_firewall_software4.3 – 4.3
• Cisco / pix_firewall_software4.4 – 4.4
• Cisco / pix_firewall_software4.4(4) – 4.4(4)
• Cisco / pix_firewall_software4.4(7.202) – 4.4(7.202)
• Cisco / pix_firewall_software4.4(8) – 4.4(8)
• Cisco / pix_firewall_software5.0 – 5.0
• Cisco / pix_firewall_software5.1 – 5.1
• Cisco / pix_firewall_software5.1(4) – 5.1(4)
• Cisco / pix_firewall_software5.1(4.206) – 5.1(4.206)
• Cisco / pix_firewall_software5.2 – 5.2
• Cisco / pix_firewall_software5.2(1) – 5.2(1)
• Cisco / vpn_3000_concentrator_series_software4.7.1.f – 4.7.1.f
• Cisco / vpn_3000_concentrator_series_software4.7.1 – 4.7.1
• Cisco / vpn_3000_concentrator_series_software4.1.7.b – 4.1.7.b
• Cisco / vpn_3000_concentrator_series_software4.1.7.a – 4.1.7.a
• Cisco / vpn_3000_concentrator_series_software4.1.5.b – 4.1.5.b
• Cisco / vpn_3000_concentrator_series_software4.0.5.b – 4.0.5.b
• Cisco / vpn_3000_concentrator_series_software4.0.1 – 4.0.1
• Cisco / vpn_3000_concentrator_series_software4.0 – 4.0
• Cisco / vpn_3000_concentrator_series_software3.6.7d – 3.6.7d
• Cisco / vpn_3000_concentrator_series_software3.6.7 – 3.6.7
• Cisco / vpn_3000_concentrator_series_software3.6.1 – 3.6.1
• Cisco / vpn_3000_concentrator_series_software3.6 – 3.6
• Cisco / vpn_3000_concentrator_series_software3.5.5 – 3.5.5
• Cisco / vpn_3000_concentrator_series_software3.5.4 – 3.5.4
• Cisco / vpn_3000_concentrator_series_software3.5.3 – 3.5.3
• Cisco / vpn_3000_concentrator_series_software3.5.2 – 3.5.2
• Cisco / vpn_3000_concentrator_series_software3.5.1 – 3.5.1
• Cisco / vpn_3000_concentrator_series_software3.5(rel) – 3.5(rel)
• Cisco / vpn_3000_concentrator_series_software3.1.4 – 3.1.4
• Cisco / vpn_3000_concentrator_series_software3.1.2 – 3.1.2
• Cisco / vpn_3000_concentrator_series_software3.1.1 – 3.1.1
• Cisco / vpn_3000_concentrator_series_software3.1(rel) – 3.1(rel)
• Cisco / vpn_3000_concentrator_series_software3.1 – 3.1
• Cisco / vpn_3000_concentrator_series_software3.0.4 – 3.0.4
• Cisco / vpn_3000_concentrator_series_software3.0.3.b – 3.0.3.b
• Cisco / vpn_3000_concentrator_series_software3.0.3.a – 3.0.3.a
• Cisco / vpn_3000_concentrator_series_software3.0 – 3.0
• Cisco / vpn_3000_concentrator_series_software2.5.2.f – 2.5.2.f
• Cisco / vpn_3000_concentrator_series_software2.5.2.d – 2.5.2.d
• Cisco / vpn_3000_concentrator_series_software2.5.2.c – 2.5.2.c
• Cisco / vpn_3000_concentrator_series_software2.5.2.b – 2.5.2.b
• Cisco / vpn_3000_concentrator_series_software2.5.2.a – 2.5.2.a
• Cisco / vpn_3000_concentrator_series_software2.0 – 2.0

References

• MISChttp://securitytracker.com/id?1015200
• MISChttp://securitytracker.com/id?1015202
• MISChttp://www.niscc.gov.uk/niscc/docs/br-20051114-01013.html?lang=en
• MISChttp://jvn.jp/niscc/NISCC-273756/index.html
• MISChttp://securitytracker.com/id?1015201
• MISChttp://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
• MISChttp://www.securityfocus.com/bid/15401
• MISChttp://www.kb.cert.org/vuls/id/226364
• MISChttp://securitytracker.com/id?1015199
• MISChttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5226
• MISChttp://securitytracker.com/id?1015198
• VENDOR_ADVISORYhttp://www.cisco.com/warp/public/707/cisco-sa-20051114-ipsec.shtml
• VENDOR_ADVISORYhttp://secunia.com/advisories/17553