Unrated severityNVD Advisory· Published May 10, 2005· Updated Apr 16, 2026

CVE-2005-0039

Description

Certain configurations of IPsec, when using Encapsulating Security Payload (ESP) in tunnel mode, integrity protection at a higher layer, or Authentication Header (AH), allow remote attackers to decrypt IPSec communications by modifying the outer packet in ways that cause plaintext data from the inner packet to be returned in ICMP messages, as demonstrated using bit-flipping attacks and (1) Destination Address Rewriting, (2) a modified header length that causes portions of the packet to be interpreted as IP Options, or (3) a modified protocol field and source address.

Affected products

Nissc/Ipsec
cpe:2.3:a:nissc:ipsec:1.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/302220nvdUS Government Resource
marc.infonvd
secunia.com/advisories/17938nvd
securitytracker.com/idnvd
www.niscc.gov.uk/niscc/docs/al-20050509-00386.htmlnvd
www.securityfocus.com/archive/1/407774nvd
www.securityfocus.com/bid/13562nvd
www.vupen.com/english/advisories/2005/0507nvd
www.vupen.com/english/advisories/2005/2806nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000