Notified: August 21, 2002 Updated: October 15, 2002
Not Affected
In relation to this CERT advisory on security vulnerability in IPsec implementations, Alcatel has conducted an immediate assessment to determine any impact this may have on our portfolio. An initial analysis has shown that none of our products is affected when used as delivered to customers. In particular, the OmniAccess 210, 250, 512 and OmniPCX Office are not affected. Customers may contact their Alcatel support representative for more details. The security of our customers' networks is of highest priority for Alcatel. Therefore we continue to test our product portfolio against potential security vulnerabilities in our products using IPsec technology and will provide updates if necessary.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 20, 2002 Updated: October 15, 2002
Affected
Vulnerable systems: Mac OS X 10.2, Mac OS X Server 10.2
Fixed in: Mac OS X 10.2.1, Mac OS X Server 10.2.1
Software updates are available from the "Software Update" pane in System Preferences or from the Apple Software Downloads site:
Mac OS X Update 10.2.1: http://docs.info.apple.com/article.html?artnum=120147
Mac OS X Server Update 10.2.1: http://docs.info.apple.com/article.html?artnum=120149
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: December 11, 2002
Not Affected
Avaya VPN products, including the VPN Service Unit (VSU) Series of VPN Gateways as well as the VPNremote desktop VPN client software, do not exhibit this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 10, 2002 Updated: October 18, 2002
Not Affected
We have determined that no BorderWare products are vulnerable to the attacks described in VU#459371.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 20, 2002 Updated: October 21, 2002
Not Affected
Cisco products are not vulnerable to this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 22, 2002
Not Affected
Clavister Firewall with VPN module: Not vulnerable. Clavister VPN Client: Not vulnerable.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 20, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 20, 2002 Updated: October 15, 2002
Not Affected
Cray, Inc. is not vulnerable as we provide no software that performs this type of function.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 20, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 20, 2002 Updated: December 11, 2002
Affected
Please see Debian Security Advisory DSA-201.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 11, 2002 Updated: October 15, 2002
Affected
eSoft InstaGate is only vulnerable to this denial of service attack if the attacker knows both the IP address of a tunnel endpoint and the SPI value for that tunnel. A patch is available through eSoft's SoftPak Director.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 11, 2002 Updated: October 15, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: October 15, 2002
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
This vulnerability has been addressed in FreeBSD 4.7-RELEASE: http://www.FreeBSD.org/cgi/cvsweb.cgi/src/sys/netinet6/esp_input.c#rev1.1.2.7
Notified: August 20, 2002 Updated: December 02, 2002
Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
FreeS/WAN 1.99 appears to address this issue: [http://www.freeswan.org/freeswan_trees/freeswan-1.99/CHANGES] "ESP (and AH, IPCOMP) potential DOS fix." [/klips/net/ipsec/ipsec_rcv.c]
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Updated: October 17, 2002
Affected
After analyzing the IPSec issue described in VU#459371 Global Technology Associates, Inc. has determined that GTA firewall products running GNAT Box system software version prior to version 3.3.1 are vulnerable to this attack. GTA has released system software updates to correct this vulnerability. For users with systems running GNAT Box system software version 3.3.0 a system software update version 3.3.1 is available from GTA's Online Support Center. For users with systems running GNAT Box system software version 3.2.x a system software update version 3.2.6 is available from GTA's Online Support Center. For users with systems running GNAT Box system software version 3.1.x or earlier no software update is available. Users should either upgrade to version 3.3.1 or add Remote Access filters to restrict access to designated remote VPN gateways. To report potential security vulnerabilities in GTA products, send an E-mail message to: security-alert@gta.com.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 20, 2002 Updated: October 15, 2002
Not Affected
SOURCE: Hewlett-Packard Company and Compaq Computer Corporation, a wholly-owned subsidiary of Hewlett-Packard Company
RE: x-reference SSRT2326 IPSEC Not Vulnerable:
HP-UX
HP-MPE/ix
HP Tru64 UNIX
HP NonStop Servers
HP OpenVMS
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 27, 2002 Updated: October 15, 2002
Not Affected
We've checked up on our router (Hitachi, Ltd. GR2000 series) about VU#459371. Our IPsec implementation is NOT vulnerable.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: December 11, 2002
Affected
The AIX operating system is vulnerable to the IPSec issues in releases 4.3.3, 5.1.0 and 5.2.0. Temporary patches are available through an efix package. The efix is available at the following URL: ftp://ftp.software.ibm.com/aix/efixes/security/ipsec_efix.tar.Z
The following APARs will be available in the near future:
AIX 4.3.3 APAR IY37800 (available approx 1/29/03)
AIX 5.1.0 APAR IY37069 (available approx 12/18/02)
AIX 5.2.0 APAR IY37182 (available approx 4/28/03)
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 15, 2002 Updated: December 11, 2002
Affected
IIJ SEIL/neu routers Firmware prior to 1.63 are vulnerable to this problem. Upgrade to firmware 1.63 or later (available at http://www.seil-neu.com/). If you are not using IPsec, you are not affected; however, we suggest that you upgrade the firmware in any case.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 11, 2002 Updated: October 18, 2002
Not Affected
Intoto analyzed iGateway AH and ESP implementation for the DoS threat published in VU#459371, and found that iGateway is not vulnerable to this DoS attack.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: October 15, 2002
Affected
All past KAME-based implementations are vulnerable, which includes:
MacOS 10.2
BSDi/WindRiver BSD/OS 4.2 and beyond
NetBSD 1.5 and beyond
FreeBSD 4.0 and beyond
and probably (if they enable IPsec)
Juniper JunOS
Extreme Networks ExtremeWare
WindRiver VxWorks
Hitachi GR2000 router
[CommWorks Total Control 100]
Fujitsu GeoStream 920/940 router
NEC IX5000
IIJ SEIL
The problem has been corrected on the KAME tree on 2002/08/21.
The vendor has not provided us with any further information regarding this vulnerability.
For authoritative statements, please reference specific vendor records.
Notified: September 09, 2002 Updated: October 15, 2002
Not Affected
The Edge Switching and Routing products (specifically, the B-STDX 9000, CBX500, GX550, PSAX family and Springtide family) are not vulnerable to VU 459371.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: October 17, 2002
Not Affected
Microsoft has conducted a thorough investigation based on this report. Microsoft products are not affected by this issue.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: October 21, 2002
Not Affected
MontaVista does not ship any IPSec applications, thus this is not applicable to us. We are not vulnerable to vu459371.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: December 11, 2002
Affected
sent on December 4, 2002
[Router Products]
IX 5000 Series
- is NOT vulnerable.
IX 1000 / 2000 Series (IX1010, IX1011, IX1020, IX1050, Bluefire IX1035 and IX2010)
- is vulnerable in the case of Version 4.1 or prior. The exploitation is possible only when IPsec is enabled.
- Fixed version is 4.2.13 or greater.
- To get fixed software, please contact to:
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: October 22, 2002
Affected
See NetBSD security advisory SA2002-016.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 27, 2002 Updated: August 29, 2002
Not Affected
NetScreen's Global PRO family of network management applications does not use IPSec and is not vulnerable to the issues raised in VU#459371. NetScreen has determined that ScreenOS, the operating software for NetScreen security devices, is not vulnerable to the issues raised in VU#459371. The IPSec implementation in the NetScreen Remote family of VPN and security clients has been examined and NetScreen has determined that it is not vulnerable to the issues raised in VU#459371.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: October 10, 2002 Updated: October 15, 2002
Not Affected
NetApp products are not vulnerable.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 20, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: December 11, 2002
Not Affected
The following Nortel Networks products implement IPsec but are not affected by the vulnerabilities noted in VU#459371:
The Preside Multi-Service Data Manager (MDM) is not affected.
There are no issues with the Contivity Platform, this includes the:
Contivity 600/1500/1600/2000/2500/2600/4500/4600
Contivity 1010/1050/1100
Contivity 1700/2700
Contivity software releases 3.5 and beyond including the Contivity VPN Client
The Shasta 5000 Broadband Services Node is not affected.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: December 11, 2002 Updated: December 11, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 20, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: October 21, 2002
Not Affected
Openwall GNU/*/Linux is not vulnerable. We don't yet support IPsec.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 20, 2002 Updated: October 15, 2002
Not Affected
SafeNet's VPN clients are not susceptible to this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 20, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: December 11, 2002
Not Affected
1. CERT/CC Vulnerability Note VU#459371 Multiple IPSec implementations do not adequately validate authentication data: CERT/CC has announced a new vulnerability on IPSec (see the "Vulnerability Note VU#459371" referred). Based on our review, SSH IPSEC Express Toolkit 4.x/5.x and SSH QuickSec Toolkit 1.x are not vulnerable to the attack described. The sanity check relevant for this functionality is located in the transform code of the IPSec packet processing. More information can be found at: http://www.kb.cert.org/vuls/id/459371 This vulnerability has been assigned CAN-2002-0666 by CVE.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 20, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
Notified: August 21, 2002 Updated: August 29, 2002
Unknown
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.