| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 4.8 | $0-$5k | 0.00 |
Summary
A vulnerability was found in ADTRAN NetVanta 3xxx/4xxx/5xxx. It has been rated as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2005-4564. No exploit exists. Upgrading the affected component is advised.
Details
A vulnerability was found in ADTRAN NetVanta 3xxx/4xxx/5xxx and classified as problematic. This issue affects an unknown function. The manipulation with an unknown input leads to a denial of service vulnerability. Using CWE to declare the problem leads to CWE-404. The product does not release or incorrectly releases a resource before it is made available for re-use. Impacted is availability. The summary by CVE is:
The Internet Key Exchange version 1 (IKEv1) implementation in ADTRAN NetVanta before 10.03.03.E might allow remote attackers to cause a denial of service via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
The weakness was disclosed 12/29/2005 with Oulu University Secure Programming Group (Website). The advisory is shared at secunia.com. The identification of this vulnerability is CVE-2005-4564 since 12/29/2005. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Neither technical details nor an exploit are publicly available.
It is declared as proof-of-concept.
Upgrading to version 10.03.03.e eliminates this vulnerability.
The vulnerability is also documented in the databases at SecurityFocus (BID 16028†) and Secunia (SA18179†). The entries VDB-27799 and VDB-27798 are pretty similar. If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Product
Vendor
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.3VulDB Meta Temp Score: 4.8
VulDB Base Score: 5.3
VulDB Temp Score: 4.8
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Denial of serviceCWE: CWE-404
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: NetVanta 10.03.03.e
Timeline
11/23/2005 🔍12/21/2005 🔍
12/29/2005 🔍
12/29/2005 🔍
12/29/2005 🔍
03/12/2015 🔍
07/15/2018 🔍
Sources
Advisory: secunia.com⛔Organization: Oulu University Secure Programming Group
Status: Not defined
Confirmation: 🔍
CVE: CVE-2005-4564 (🔍)
GCVE (CVE): GCVE-0-2005-4564
GCVE (VulDB): GCVE-100-27797
SecurityFocus: 16028 - ADTRAN NetVanta Products IKE Traffic Multiple Unspecified Vulnerabilities
Secunia: 18179 - ADTRAN NetVanta Products ISAKMP IKE Message Processing Vulnerabilities, Moderately Critical
Vupen: ADV-2005-3027
See also: 🔍
Entry
Created: 03/12/2015 11:11Updated: 07/15/2018 16:28
Changes: 03/12/2015 11:11 (53), 07/15/2018 16:28 (6)
Complete: 🔍
Cache ID: 216::103
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
No comments yet. Languages: en.
Please log in to comment.