CVE-2018-5389

NameCVE-2018-5389
DescriptionThe Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode, however, only an online attack against PSK authentication was thought to be feasible. This vulnerability could allow an attacker to recover a weak Pre-Shared Key or enable the impersonation of a victim host or network.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libreswan (PTS)bullseye4.3-1+deb11u4vulnerable
bullseye (security)4.3-1+deb11u3vulnerable
bookworm4.10-2+deb12u1vulnerable
sid, trixie4.14-1.1vulnerable
strongswan (PTS)bullseye (security), bullseye5.9.1-1+deb11u4vulnerable
bookworm, bookworm (security)5.9.8-5+deb12u1vulnerable
sid, trixie5.9.13-2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ipsec-toolssource(unstable)(unfixed)unimportant
isakmpdsource(unstable)(unfixed)unimportant
libreswansource(unstable)(unfixed)unimportant
strongswansource(unstable)(unfixed)unimportant

Notes

https://www.usenix.org/conference/usenixsecurity18/presentation/felsch
https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf
https://www.usenix.org/sites/default/files/conference/protected-files/security18_slides_felsch.pdf
vulnerability in IKEv1 protocol, not fixable in implementation; use strong passphrase or public-key cryptography
Search for package or bug name: Reporting problems