CVE-2008-1198

The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:C/I:N/A:N

Exploitability : 8.6 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/48045	Broken Link
http://www.ernw.de/download/pskattack.pdf	Exploit
http://www.securitytracker.com/id?1019563	Third Party Advisory VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=435274	Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/41053	VDB Entry

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:redhat:enterprise_linux:4.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:3.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:5.0:::::::*

History

03 Feb 2022, 19:56

Type	Values Removed	Values Added
CPE	cpe:2.3:a:red_hat:enterprise_linux:4:::::::*	cpe:2.3:a:redhat:enterprise_linux:4.0:::::::*
CWE	~~CWE-16~~	NVD-CWE-noinfo
References	~~(SECTRACK) http://www.securitytracker.com/id?1019563 -~~	(SECTRACK) http://www.securitytracker.com/id?1019563 - Third Party Advisory, VDB Entry
References	~~(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/41053 -~~	(XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/41053 - VDB Entry
References	~~(SECUNIA) http://secunia.com/advisories/48045 -~~	(SECUNIA) http://secunia.com/advisories/48045 - Broken Link
References	~~(CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=435274 -~~	(CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=435274 - Issue Tracking

Information

Published : 2008-03-06 21:44

Updated : 2024-02-04 17:13

NVD link : CVE-2008-1198

Mitre link : CVE-2008-1198

CVE.ORG link : CVE-2008-1198

JSON object : View

Products Affected

redhat

enterprise_linux

CWE

NVD-CWE-noinfo

{"id": "CVE-2008-1198", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-03-06T21:44:00.000", "references": [{"url": "http://secunia.com/advisories/48045", "tags": ["Broken Link"], "source": "secalert@redhat.com"}, {"url": "http://www.ernw.de/download/pskattack.pdf", "tags": ["Exploit"], "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1019563", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=435274", "tags": ["Issue Tracking"], "source": "secalert@redhat.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41053", "tags": ["VDB Entry"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash."}, {"lang": "es", "value": "La secuencia de comandos por defecto IPSec ifup en Red Hat Enterprise Linux de 3 a 5 configura racoon para utilizar el modo agresivo de IKE en vez del modo principal de IKE, lo que facilita a atacantes remotos llevar a cabo ataques de fuerza bruta husmeando una clave hash que no ha sido compartida sin encriptar (PSK)."}], "lastModified": "2022-02-03T19:56:37.160", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF6847B7-2D5A-496A-A177-41164D4DE9E0"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40D8DAE0-8E75-435C-9BD6-FAEED2ACB47C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3"}], "operator": "OR"}]}], "vendorComments": [{"comment": "Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-1198\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.", "lastModified": "2008-03-07T00:00:00", "organization": "Red Hat"}], "sourceIdentifier": "secalert@redhat.com"}