Novell BorderManager IKE.NLM module denial of service

novell-bordermanger-ikenlm-dos (16697) The risk level is classified as Medium Risk

Description:

Novell BorderManager is vulnerable to a denial of service attack, caused by a vulnerability in the processing of VPN packets. If the firewall has been configured as a VPN server, a remote attacker running the Striker ISAKMP/VPN tool could cause the VPN server to hang in the IKE.NLM module, which would cause the VPN service to crash.


Consequences:

Denial of Service

Remedy:

Apply the fix for this vulnerability, as listed in Novell Technical Information Document TID10093576. See References.

References:

  • Novell Technical Information Document TID10093576: VPN server abend in IKE.NLM when striker ISAKMP/VPN vulnerability tool executed.
  • BID-10727: Novell BorderManager Remote Denial Of Service Vulnerability
  • BID-10728: Gattaca Server 2003 Multiple Denial Of Service Vulnerabilities
  • BID-17031: Novell BorderManager Remote Denial Of Service Vulnerability
  • CVE-2004-1457: The Virtual Private Network (VPN) capability in Novell Bordermanager 3.8 allows remote attackers to cause a denial of service (ABEND in IKE.NLM) via a malformed IKE packet, as sent by the Striker ISAKMP Protocol Test Suite.
  • SA12067: Novell Bordermanager VPN Service Unspecified Denial of Service
  • US-CERT VU#432097: Novell Bordermanager VPN Service denial-of-service vulnerability

Platforms Affected:

  • Novell BorderManager 3.8 SP1

Reported:

Jul 14, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net