Microsoft Windows 2000 Internet Key Exchange DoS Vulnerability

Internet Protocol Security (IPSec) provides authentication and encryption for IP network traffic. The Internet Key Exchange (IKE) protocol is a management protocol standard which is used with the IPSec standard. IKE contributes to the IPSec standard by providing additional features and by default listens on UDP port 500.

An issue exists in IKE which could cause a Windows 2000 host to stop responding.

Connecting to port 500 and submitting a continuous stream of arbitrary packets, will cause the CPU utilization to spike to approximately 100%.

It should be noted that this vulnerability may be due to an underlying issue with the UDP protocol.


Privacy Statement
Copyright 2010, SecurityFocus