|
|
CVE Reference: CVE-2005-0039 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-0039 |
|
|
Description: Certain configurations of IPsec, when using Encapsulating Security Payload (ESP) in tunnel mode, integrity protection at a higher layer, or Authentication Header (AH), allow remote attackers to decrypt IPSec communications by modifying the outer packet in ways that cause plaintext data from the inner packet to be returned in ICMP messages, as demonstrated using bit-flipping attacks and (1) Destination Address Rewriting, (2) a modified header length that causes portions of the packet to be interpreted as IP Options, or (3) a modified protocol field and source address. |
|
|
CVE Status: Candidate |
|
|
References: ST 1015320 SAID Secunia Advisory: SA17938 MISC http://www.niscc.gov.uk/niscc/docs/al-20050509-00386.html?lang=en HP http://www.securityfocus.com/archive/1/407774 CERT-VN 302220 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=111566201610350&w=2 BID 13562 |
|
| Return to the previous page. |
