CVE-2018-5389

NameCVE-2018-5389
DescriptionThe Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode, however, only an online attack against PSK authentication was thought to be feasible. This vulnerability could allow an attacker to recover a weak Pre-Shared Key or enable the impersonation of a victim host or network.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ipsec-tools (PTS)stretch1:0.8.2+20140711-8+deb9u1vulnerable
isakmpd (PTS)stretch20041012-7.4vulnerable
buster20041012-8vulnerable
sid20041012-10vulnerable
libreswan (PTS)buster, buster (security)3.27-6+deb10u1vulnerable
bullseye, sid4.3-1vulnerable
strongswan (PTS)stretch (security), stretch5.5.1-4+deb9u4vulnerable
buster5.7.2-1vulnerable
bullseye, sid5.9.1-1vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ipsec-toolssource(unstable)(unfixed)unimportant
isakmpdsource(unstable)(unfixed)unimportant
libreswansource(unstable)(unfixed)unimportant
strongswansource(unstable)(unfixed)unimportant

Notes

https://www.usenix.org/conference/usenixsecurity18/presentation/felsch
https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf
https://www.usenix.org/sites/default/files/conference/protected-files/security18_slides_felsch.pdf
vulnerability in IKEv1 protocol, not fixable in implementation; use strong passphrase or public-key cryptography

Search for package or bug name: Reporting problems