 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2008-1198 |
| Description: | The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.123978 1.3.6.1.4.1.25623.1.0.71110 1.3.6.1.4.1.25623.1.0.870555 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2008-1198 1019563 http://www.securitytracker.com/id?1019563 48045 http://secunia.com/advisories/48045 http://www.ernw.de/download/pskattack.pdf http://www.ernw.de/download/pskattack.pdf https://bugzilla.redhat.com/show_bug.cgi?id=435274 https://bugzilla.redhat.com/show_bug.cgi?id=435274 ipsec-ifup-weak-security(41053) https://exchange.xforce.ibmcloud.com/vulnerabilities/41053 |