Unrated severityNVD Advisory· Published Mar 6, 2008· Updated Jun 16, 2026

CVE-2008-1198

Description

The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an unencrypted preshared key (PSK) hash.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Red Hat/Enterprise Linux Server3 versions
cpe:2.3:a:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:redhat:enterprise_linux:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
Red Hat Enterprise Linux/Red Hat Enterprise Linuxllm-create
Range: 3 through 5

Patches

Vulnerability mechanics

References

www.ernw.de/download/pskattack.pdfnvdExploit
www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
secunia.com/advisories/48045nvdBroken Link
bugzilla.redhat.com/show_bug.cginvdIssue Tracking
exchange.xforce.ibmcloud.com/vulnerabilities/41053nvdVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000