CVE-2005-3669: Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers t...

Description

Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.

Metrics

EPSS Probability

5.14%

91.3th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Cisco	Firewall Services Module	All versions
Cisco	Firewall Services Module	1.1.2
Cisco	Firewall Services Module	1.1.3
Cisco	Firewall Services Module	1.1_\(3.005\)
Cisco	Firewall Services Module	2.1_\(0.208\)
Cisco	Vpn 3000 Concentrator Series Software	2.0
Cisco	Vpn 3000 Concentrator Series Software	2.5.2.a
Cisco	Vpn 3000 Concentrator Series Software	2.5.2.b
Cisco	Vpn 3000 Concentrator Series Software	2.5.2.c
Cisco	Vpn 3000 Concentrator Series Software	2.5.2.d
Cisco	Vpn 3000 Concentrator Series Software	2.5.2.f
Cisco	Vpn 3000 Concentrator Series Software	3.0
Cisco	Vpn 3000 Concentrator Series Software	3.0.3.a
Cisco	Vpn 3000 Concentrator Series Software	3.0.3.b
Cisco	Vpn 3000 Concentrator Series Software	3.0.4
Cisco	Vpn 3000 Concentrator Series Software	3.1
Cisco	Vpn 3000 Concentrator Series Software	3.1\(rel\)
Cisco	Vpn 3000 Concentrator Series Software	3.1.1
Cisco	Vpn 3000 Concentrator Series Software	3.1.2
Cisco	Vpn 3000 Concentrator Series Software	3.1.4
Cisco	Vpn 3000 Concentrator Series Software	3.5\(rel\)
Cisco	Vpn 3000 Concentrator Series Software	3.5.1
Cisco	Vpn 3000 Concentrator Series Software	3.5.2
Cisco	Vpn 3000 Concentrator Series Software	3.5.3
Cisco	Vpn 3000 Concentrator Series Software	3.5.4
Cisco	Vpn 3000 Concentrator Series Software	3.5.5
Cisco	Vpn 3000 Concentrator Series Software	3.6
Cisco	Vpn 3000 Concentrator Series Software	3.6.1
Cisco	Vpn 3000 Concentrator Series Software	3.6.7
Cisco	Vpn 3000 Concentrator Series Software	3.6.7d
Cisco	Vpn 3000 Concentrator Series Software	4.0
Cisco	Vpn 3000 Concentrator Series Software	4.0.1
Cisco	Vpn 3000 Concentrator Series Software	4.0.5.b
Cisco	Vpn 3000 Concentrator Series Software	4.1.5.b
Cisco	Vpn 3000 Concentrator Series Software	4.1.7.a
Cisco	Vpn 3000 Concentrator Series Software	4.1.7.b
Cisco	Vpn 3000 Concentrator Series Software	4.7.1
Cisco	Vpn 3000 Concentrator Series Software	4.7.1.f
Cisco	Ios	12.2sxd
Cisco	Ios	12.3t
Cisco	Ios	12.3tpc
Cisco	Ios	12.3xd
Cisco	Ios	12.3xe
Cisco	Ios	12.3xf
Cisco	Ios	12.3xg
Cisco	Ios	12.3xh
Cisco	Ios	12.3xi
Cisco	Ios	12.3xj
Cisco	Ios	12.3xk
Cisco	Ios	12.3xm

Showing 50 of 138 affected configurations. See NVD for the full list.

References

Timeline

Published: Nov 18, 2005
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2005-3669?

Multiple unspecified vulnerabilities in the Internet Key Exchange version 1 (IKEv1) implementation in multiple Cisco products allow remote attackers to cause a denial of service (device reset) via certain malformed IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the Cisco advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to.

How severe is CVE-2005-3669?

Severity scoring for CVE-2005-3669 is pending analysis. The EPSS model estimates a 5.14% probability of exploitation in the next 30 days.

How do I fix CVE-2005-3669?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.