Overview
A vulnerability exists in the Novell Bordermanager VPN service that could allow a remote attacker to cause a denial of service.
Description
The Novell Bordermanager product includes Virtual Private Network (VPN) capabilities, including support for the standard Internet Key Exchange (IKE) protocol. A flaw exists in the way the VPN service handles certain malformed IKE packets. This flaw creates a remotely exploitable denial of service vulnerability that could cause an affected device to crash. The specific nature of the IKE packet malformation exploiting the vulnerability is unknown.
Impact
A remote attacker with the ability to craft malformed IKE packets could cause an "abnormal ending" (abend) in the IKE.NLM module. This condition creates a denial of service on the server and causes clients previously connected to the server to hang.
Solution
Apply a patch from the vendor
Patches are available to address this issue. Please see the Systems Affected section of this document for more information.
Acknowledgements
Thanks to the Novell product security team for reporting this vulnerability. This vulnerability was discovered using the Striker test suite from Rapid7.
This document was written by Chad R Dougherty.
Other Information
| CVE IDs: | None | 
| Severity Metric: | 7.43 | 
| Date Public: | 2004-07-12 | 
| Date First Published: | 2004-08-25 | 
| Date Last Updated: | 2004-08-25 13:56 UTC | 
| Document Revision: | 16 |