Vulnerability Details : CVE-2008-1198
The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash.
Threat overview for CVE-2008-1198
Top countries where our scanners detected CVE-2008-1198
Top open port discovered on systems with this issue
53
IPs affected by CVE-2008-1198 17,070
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2008-1198!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2008-1198
Probability of exploitation activity in the next 30 days: 0.37%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 72 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2008-1198
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.1
|
HIGH | AV:N/AC:M/Au:N/C:C/I:N/A:N |
8.6
|
6.9
|
NIST |
Vendor statements for CVE-2008-1198
-
Red Hat 2008-03-07Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2008-1198 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.
-
https://bugzilla.redhat.com/show_bug.cgi?id=435274
Issue Tracking
-
http://www.securitytracker.com/id?1019563
Third Party Advisory;VDB Entry
-
http://www.ernw.de/download/pskattack.pdf
Exploit
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/41053
VDB Entry
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*