isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite.
References
Configurations
History
20 Nov 2024, 23:48
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=108008530028019&w=2 - Mailing List, Third Party Advisory | |
References | () http://www.kb.cert.org/vuls/id/524497 - Third Party Advisory, US Government Resource | |
References | () http://www.openbsd.org/errata.html - Product, Vendor Advisory | |
References | () http://www.rapid7.com/advisories/R7-0018.html - Broken Link | |
References | () http://www.securityfocus.com/bid/9907 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/alerts/2004/Mar/1009468.html - Broken Link, Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/15630 - Third Party Advisory, VDB Entry |
15 Feb 2024, 21:09
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-125 | |
References | (OPENBSD) http://www.openbsd.org/errata.html - Product, Vendor Advisory | |
References | (BUGTRAQ) http://marc.info/?l=bugtraq&m=108008530028019&w=2 - Mailing List, Third Party Advisory | |
References | (SECTRACK) http://www.securitytracker.com/alerts/2004/Mar/1009468.html - Broken Link, Third Party Advisory, VDB Entry | |
References | (CERT-VN) http://www.kb.cert.org/vuls/id/524497 - Third Party Advisory, US Government Resource | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/15630 - Third Party Advisory, VDB Entry | |
References | (MISC) http://www.rapid7.com/advisories/R7-0018.html - Broken Link | |
References | (BID) http://www.securityfocus.com/bid/9907 - Broken Link, Third Party Advisory, VDB Entry |
Information
Published : 2004-05-04 04:00
Updated : 2024-11-20 23:48
NVD link : CVE-2004-0221
Mitre link : CVE-2004-0221
CVE.ORG link : CVE-2004-0221
JSON object : View
Products Affected
openbsd
- openbsd
CWE
CWE-125
Out-of-bounds Read