Vulnerability in PIX 506E

Unanswered Question
Mar 11th, 2008
User Badges:

ISAKMP spi size buffer overflow


Internet Security Association and Key Management Protocol (ISAKMP) is a key exchange protocol signature. ISAKMP is vulnerable to a

buffer overflow. A remote attacker can send a specially-crafted ISAKMP payload to a vulnerable VPN client or server to overflow a buffer

and execute arbitrary code on the system, possibly with administrative privileges.

The supported operating systems in the Platforms Affected list are only vulnerable if they use the LibKmp ISAKMP library. Only VPN

or firewall products which implement the Entrust LibKmp ISAKMP library are vulnerable.



Remedy:

Apply the appropriate hotfix for this vulnerability, as listed in the Symantec Security Response SYM04-012 and available from the

Symantec FTP Update Web site. See References.


Can anyone help me resolved this? It is rated as high risk. Can't find remedy for this on the website.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
brettmilborrow Wed, 03/12/2008 - 01:30
User Badges:

How do you know that the pix 506E is vulnerable?


The advisory states that devices affected are only those that run the 'Entrust LibKmp ISAKMP' library.

neilmborilla Wed, 03/12/2008 - 17:39
User Badges:

Can you please explain further?


"... Only VPN

or firewall products which implement the Entrust LibKmp ISAKMP library are vulnerable."


Does it mean that PIX 506E does not support LibKmp ISAKMP library?


Please enlighten me


Thank you


Actions

This Discussion