CVE-2004-0221

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite.
References
Link Resource
http://marc.info/?l=bugtraq&m=108008530028019&w=2 Mailing List Third Party Advisory
http://www.kb.cert.org/vuls/id/524497 Third Party Advisory US Government Resource
http://www.openbsd.org/errata.html Product Vendor Advisory
http://www.rapid7.com/advisories/R7-0018.html Broken Link
http://www.securityfocus.com/bid/9907 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/alerts/2004/Mar/1009468.html Broken Link Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/15630 Third Party Advisory VDB Entry
http://marc.info/?l=bugtraq&m=108008530028019&w=2 Mailing List Third Party Advisory
http://www.kb.cert.org/vuls/id/524497 Third Party Advisory US Government Resource
http://www.openbsd.org/errata.html Product Vendor Advisory
http://www.rapid7.com/advisories/R7-0018.html Broken Link
http://www.securityfocus.com/bid/9907 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/alerts/2004/Mar/1009468.html Broken Link Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/15630 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*

History

20 Nov 2024, 23:48

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=108008530028019&w=2 - Mailing List, Third Party Advisory () http://marc.info/?l=bugtraq&m=108008530028019&w=2 - Mailing List, Third Party Advisory
References () http://www.kb.cert.org/vuls/id/524497 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/524497 - Third Party Advisory, US Government Resource
References () http://www.openbsd.org/errata.html - Product, Vendor Advisory () http://www.openbsd.org/errata.html - Product, Vendor Advisory
References () http://www.rapid7.com/advisories/R7-0018.html - Broken Link () http://www.rapid7.com/advisories/R7-0018.html - Broken Link
References () http://www.securityfocus.com/bid/9907 - Broken Link, Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/9907 - Broken Link, Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/alerts/2004/Mar/1009468.html - Broken Link, Third Party Advisory, VDB Entry () http://www.securitytracker.com/alerts/2004/Mar/1009468.html - Broken Link, Third Party Advisory, VDB Entry
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/15630 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/15630 - Third Party Advisory, VDB Entry

15 Feb 2024, 21:09

Type Values Removed Values Added
CWE NVD-CWE-Other CWE-125
References (OPENBSD) http://www.openbsd.org/errata.html - Vendor Advisory (OPENBSD) http://www.openbsd.org/errata.html - Product, Vendor Advisory
References (BUGTRAQ) http://marc.info/?l=bugtraq&m=108008530028019&w=2 - (BUGTRAQ) http://marc.info/?l=bugtraq&m=108008530028019&w=2 - Mailing List, Third Party Advisory
References (SECTRACK) http://www.securitytracker.com/alerts/2004/Mar/1009468.html - (SECTRACK) http://www.securitytracker.com/alerts/2004/Mar/1009468.html - Broken Link, Third Party Advisory, VDB Entry
References (CERT-VN) http://www.kb.cert.org/vuls/id/524497 - US Government Resource (CERT-VN) http://www.kb.cert.org/vuls/id/524497 - Third Party Advisory, US Government Resource
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/15630 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/15630 - Third Party Advisory, VDB Entry
References (MISC) http://www.rapid7.com/advisories/R7-0018.html - (MISC) http://www.rapid7.com/advisories/R7-0018.html - Broken Link
References (BID) http://www.securityfocus.com/bid/9907 - (BID) http://www.securityfocus.com/bid/9907 - Broken Link, Third Party Advisory, VDB Entry

Information

Published : 2004-05-04 04:00

Updated : 2024-11-20 23:48


NVD link : CVE-2004-0221

Mitre link : CVE-2004-0221

CVE.ORG link : CVE-2004-0221


JSON object : View

Products Affected

openbsd

  • openbsd
CWE
CWE-125

Out-of-bounds Read