03-11-2008 08:56 PM - edited 03-11-2019 05:15 AM
ISAKMP spi size buffer overflow
Internet Security Association and Key Management Protocol (ISAKMP) is a key exchange protocol signature. ISAKMP is vulnerable to a
buffer overflow. A remote attacker can send a specially-crafted ISAKMP payload to a vulnerable VPN client or server to overflow a buffer
and execute arbitrary code on the system, possibly with administrative privileges.
The supported operating systems in the Platforms Affected list are only vulnerable if they use the LibKmp ISAKMP library. Only VPN
or firewall products which implement the Entrust LibKmp ISAKMP library are vulnerable.
Remedy:
Apply the appropriate hotfix for this vulnerability, as listed in the Symantec Security Response SYM04-012 and available from the
Symantec FTP Update Web site. See References.
Can anyone help me resolved this? It is rated as high risk. Can't find remedy for this on the website.
03-12-2008 01:28 AM
.
03-12-2008 01:30 AM
How do you know that the pix 506E is vulnerable?
The advisory states that devices affected are only those that run the 'Entrust LibKmp ISAKMP' library.
03-12-2008 05:39 PM
Can you please explain further?
"... Only VPN
or firewall products which implement the Entrust LibKmp ISAKMP library are vulnerable."
Does it mean that PIX 506E does not support LibKmp ISAKMP library?
Please enlighten me
Thank you
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide