ISAKMP Vulnerable to DoS and Execution of Arbitrary Code
Internet Security Association and Key Management Protocol (ISAKMP) contains a vulnerability that might lead to denial of service attacks or the execution of arbitrary code.
November 15, 2005
Internet Security Association and Key Management Protocol (ISAKMP) contains a vulnerability that might lead to denial of service attacks or the execution of arbitrary code. The vulnerability can be exploited by sending malformed Internet Key Exchange (IKE) packets. IKE is commonly used in IPSEC solutions. Affected products include software- and hardware-based solutions produced by Juniper Networks, Cisco Systems, SecGo Solutions, Stonesoft, Nortel, Sun Microsystems, and possibly other vendors. Microsoft reported that none if its products are vulnerable to this problem. If your network uses IKE or IPSEC then check with your vendor to determine your vulnerability status.
About the Author
You May Also Like