Risk: Informational
CERT-FI and NISCC have released a joint advisory disclosing multiple vulnerabilities in implementation of the ISAKMP Protocol.
The vulnerabilities affect the Internet Security Association and Key Management Protocol (ISAKMP), which is used to provide associations for other security protocols.
Internet Key Exchange version 1 (IKEv1), a derivate of ISAKMP, is an important part of IPsec. IPsec is widely used to secure exchange of packets at the IP layer and mostly used to implement Virtual Private Networks (VPNs). In addition to dedicated VPN-products, ISAKMP/IKE support has also been included in many operating system distribution packages and some firewall products.
These flaws may expose Denial-of-Service conditions, format string vulnerabilities, and buffer overflows. In some cases, it may be possible for an attacker to execute code.
The severity of these vulnerabilities varies by vendor, please see the "Vendor Information" section in the referenced advisory for further information or contact your vendor for product specific information.
At the time of writing, the following vendors have provided information of how their products are affected by this vulnerability:
- 3Com
- Aruba
- Barron McCann
- Check Point
- Cisco
- Entrust
- HP
- IBM
- Intoto Inc
- Microsoft
- Mitel Corporation
- Nortel
- Secgo
- SonicWALL
- Stonesoft Corp
- StrongSwan
- Sun
- Symantec
- TeamF1 Inc
- Juniper Networks, Inc