CVE-2018-5389

NameCVE-2018-5389
DescriptionThe Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well known, that the aggressive mode of IKEv1 PSK is vulnerable to offline dictionary or brute force attacks. For the main mode, however, only an online attack against PSK authentication was thought to be feasible. This vulnerability could allow an attacker to recover a weak Pre-Shared Key or enable the impersonation of a victim host or network.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
ipsec-tools (PTS)jessie, jessie (lts)1:0.8.2+20140711-2+deb8u1vulnerable
stretch1:0.8.2+20140711-8+deb9u1vulnerable
isakmpd (PTS)stretch20041012-7.4vulnerable
buster20041012-8vulnerable
libreswan (PTS)buster (security), buster, buster (lts)3.27-6+deb10u1vulnerable
bullseye4.3-1+deb11u4vulnerable
bullseye (security)4.3-1+deb11u3vulnerable
bookworm4.10-2+deb12u1vulnerable
sid, trixie4.14-1.1vulnerable
strongswan (PTS)jessie, jessie (lts)5.2.1-6+deb8u11vulnerable
stretch (security)5.5.1-4+deb9u6vulnerable
stretch (lts), stretch5.5.1-4+deb9u7vulnerable
buster (security), buster, buster (lts)5.7.2-1+deb10u4vulnerable
bullseye (security), bullseye5.9.1-1+deb11u4vulnerable
bookworm (security), bookworm5.9.8-5+deb12u1vulnerable
sid, trixie5.9.13-2vulnerable

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
ipsec-toolssource(unstable)(unfixed)unimportant
isakmpdsource(unstable)(unfixed)unimportant
libreswansource(unstable)(unfixed)unimportant
strongswansource(unstable)(unfixed)unimportant

Notes

https://www.usenix.org/conference/usenixsecurity18/presentation/felsch
https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-felsch.pdf
https://www.usenix.org/sites/default/files/conference/protected-files/security18_slides_felsch.pdf
vulnerability in IKEv1 protocol, not fixable in implementation; use strong passphrase or public-key cryptography

Search for package or bug name: Reporting problems