jump to navigation

DoS vulnerable via ISAKMP November 16, 2005

Posted by peewitsol in Technical.

Security Alert, November 16, 2005
ISAKMP Vulnerable to DoS and Execution of Arbitrary Code
Internet Security Association and Key Management Protocol (ISAKMP) contains a vulnerability that might lead to Denial of Service (DoS) attacks or the execution of arbitrary code. The vulnerability can be exploited by sending malformed Internet Key Exchange (IKE) packets. IKE is commonly used in IPsec solutions. Affected products include
software- and hardware-based solutions produced by Juniper Networks, Cisco Systems, SecGo Solutions, Stonesoft, Nortel, Sun Microsystems, and possibly other vendors. Microsoft reported that none if its products are vulnerable to this problem. If your network uses IKE or IPsec, check with your vendor to determine your vulnerability status.



No comments yet — be the first.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: