NVD

Id
65824  
Name
CVE-2005-0039  
Description
Certain configurations of IPsec, when using Encapsulating Security Payload (ESP) in tunnel mode, integrity protection at a higher layer, or Authentication Header (AH), allow remote attackers to decrypt IPSec communications by modifying the outer packet in ways that cause plaintext data from the inner packet to be returned in ICMP messages, as demonstrated using bit-flipping attacks and (1) Destination Address Rewriting, (2) a modified header length that causes portions of the packet to be interpreted as IP Options, or (3) a modified protocol field and source address.  
Reject
 
CVSS Version
2  
CVSS Score
6.4  
Severity
Medium  
CVSS Base Score
6.4  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:N)  
Pub Date
2017-01-03  
Published
2005-05-10  
Modified Date
2016-10-17  
Seq
2005-0039  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
342796 65824 CVE-2005-0039 20050509 NISCC Vulnerability Advisory IPSEC - 004033  View
342797 65824 CVE-2005-0039 1015320  View
342798 65824 CVE-2005-0039 VU#302220  View
342799 65824 CVE-2005-0039 http://www.niscc.gov.uk/niscc/docs/al-20050509-00386.html?lang=en  View
342800 65824 CVE-2005-0039 SSRT5957  View
342801 65824 CVE-2005-0039 13562  View
342802 65824 CVE-2005-0039 ADV-2005-0507  View
342803 65824 CVE-2005-0039 ADV-2005-2806  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
62512 JVNDB-2005-000714 IPSec 通信の設定に存在する脆弱性 IPSec 通信の際に、機密性 (Confidentiality) 保護のみで、完全性 (Integrity) 保護を設定していない時に発生する脆弱性が発見されました。ESP の使用している鍵 (AES、DES、Triple-DES) のバージョン・鍵サイズに関わらず発生します。 CVE-2005-0039 11243 CVE-2005-0039 65824 6.4 http://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000714.html 2005-12-05 2007-04-01 View