CVE-2007-3805 Information

Description

The IKE implementation in Clavister CorePlus before 8.80.03 and 8.80.00 does not properly validate certificates during IKE negotiation which allows remote attackers to cause a denial of service (gateway stop) via certain certificates.

Reference

http://osvdb.org/37972 http://secunia.com/advisories/25957 http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_80_04.pdf http://www.clavister.com/releasenotes/CorePlus_Release_Notes_8_81_01.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/35370