CVE-2005-3768
Symantec Enterprise Firewall and Gateway Security - Buffer Overflow via IKEv1 Packet
Title source: llmDescription
Buffer overflow in the Internet Key Exchange version 1 (IKEv1) implementation in Symantec Dynamic VPN Services, as used in Enterprise Firewall, Gateway Security, and Firewall /VPN Appliance products, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
References (6)
Core 6
Core References
Patch vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015247
Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/17684
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/2517
Patch vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015249
Patch, Vendor Advisory x_refsource_confirm
http://securityresponse.symantec.com/avcenter/security/Content/2005.11.21.html
Patch vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015248
Scores
EPSS
0.0400
EPSS Percentile
88.6%
Details
Status
published
Products (10)
symantec/enterprise_firewall
8.0 (2 CPE variants)
symantec/firewall_vpn_appliance_100
symantec/firewall_vpn_appliance_200
symantec/gateway_security_300
2.0
symantec/gateway_security_400
2.0
symantec/gateway_security_5000_series
3.0
symantec/gateway_security_5100
symantec/gateway_security_5300
1.0
symantec/gateway_security_5310
1.0
symantec/gateway_security_5400
2.0.1
Published
Nov 23, 2005
Tracked Since
Feb 18, 2026