CVE-2008-1198

Published: Mar 6, 2008Modified: Apr 23, 2026

7.1

Vector

AV:N/AC:M/Au:N/C:C/I:N/A:N

Exploitability: 8.6 / Impact: 6.9

Source: NVD

Description

The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash.

Affected (3)

Products: Redhat: Enterprise Linux

1 product

Enterprise Linux

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 4.0
Redhat Enterprise Linux	Version 3.0
Redhat Enterprise Linux	Version 5.0

References (10)

http://secunia.com/advisories/48045

Source: secalert@redhat.com

Broken Link

http://www.ernw.de/download/pskattack.pdf

Source: secalert@redhat.com

Exploit

http://www.securitytracker.com/id?1019563

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=435274

Source: secalert@redhat.com

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/41053

Source: secalert@redhat.com

VDB Entry

http://secunia.com/advisories/48045

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

http://www.ernw.de/download/pskattack.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

http://www.securitytracker.com/id?1019563

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=435274

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking

https://exchange.xforce.ibmcloud.com/vulnerabilities/41053

Source: af854a3a-2127-422b-91ae-364da2661108

VDB Entry

Timeline

No history available yet.