CVE-2005-2359 - OpenCVE

The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Freebsd	Freebsd

Configuration 1 [-]

OR	cpe:2.3:o:freebsd:freebsd:5.3:::::::*
	cpe:2.3:o:freebsd:freebsd:5.4:::::::*

References

Link	Resource
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc
http://secunia.com/advisories/16244/	Patch Vendor Advisory
http://securitytracker.com/id?1014586
http://www.securityfocus.com/bid/14394
https://exchange.xforce.ibmcloud.com/vulnerabilities/21551

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: freebsd

Published: 2005-08-01T04:00:00

Updated: 2017-07-10T14:57:01

Reserved: 2005-07-26T00:00:00

Link: CVE-2005-2359

JSON object: View

NVD Information

Status : Modified

Published: 2005-08-05T04:00:00.000

Modified: 2017-07-11T01:32:48.423

Link: CVE-2005-2359

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-07-27T00:00:00", "descriptions": [{"lang": "en", "value": "The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-10T14:57:01", "orgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "shortName": "freebsd"}, "references": [{"name": "16244", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/16244/"}, {"name": "FreeBSD-SA-05:19", "tags": ["vendor-advisory", "x_refsource_FREEBSD"], "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc"}, {"name": "freebsd-aesxcbcmac-security-bypass(21551)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21551"}, {"name": "14394", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/14394"}, {"name": "1014586", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1014586"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secteam@freebsd.org", "ID": "CVE-2005-2359", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "16244", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/16244/"}, {"name": "FreeBSD-SA-05:19", "refsource": "FREEBSD", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc"}, {"name": "freebsd-aesxcbcmac-security-bypass(21551)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21551"}, {"name": "14394", "refsource": "BID", "url": "http://www.securityfocus.com/bid/14394"}, {"name": "1014586", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1014586"}]}}}}, "cveMetadata": {"assignerOrgId": "63664ac6-956c-4cba-a5d0-f46076e16109", "assignerShortName": "freebsd", "cveId": "CVE-2005-2359", "datePublished": "2005-08-01T04:00:00", "dateReserved": "2005-07-26T00:00:00", "dateUpdated": "2017-07-10T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "D8A80E6A-6502-4A33-83BA-7DCC606D79AA", "vulnerable": true}, {"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:*:*:*:*:*:*:*", "matchCriteriaId": "AD85B1ED-1473-4C22-9E1E-53F07CF517E9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The AES-XCBC-MAC algorithm in IPsec in FreeBSD 5.3 and 5.4, when used for authentication without other encryption, uses a constant key instead of the one that was assigned by the system administrator, which can allow remote attackers to spoof packets to establish an IPsec session."}, {"lang": "es", "value": "El algoritmo AES-XCBC-MACen IPsec en FreeBSD 5.3 y 5.4, cuando se usa para autentificaci\u00f3n sin otra encriptaci\u00f3n, usa una clave constante (en vez de la que asigne el administrador del sistema). Esto puede permitir que atacantes remotos establezcan una sesi\u00f3n IPsec."}], "id": "CVE-2005-2359", "lastModified": "2017-07-11T01:32:48.423", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-08-05T04:00:00.000", "references": [{"source": "secteam@freebsd.org", "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc"}, {"source": "secteam@freebsd.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/16244/"}, {"source": "secteam@freebsd.org", "url": "http://securitytracker.com/id?1014586"}, {"source": "secteam@freebsd.org", "url": "http://www.securityfocus.com/bid/14394"}, {"source": "secteam@freebsd.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21551"}], "sourceIdentifier": "secteam@freebsd.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}