Skip to content
Medium Published: May 04, 2004 Modified: Apr 03, 2025

CVE-2004-0184

5 CVSS Score Medium
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Export CVE-2004-0184 Data:
Share:
Link copied!

Description

Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Confidentiality None
Integrity None
Availability P

Affected Software Configurations

  • a tcpdump tcpdump * * * * * * * *

Weaknesses (CWE)

  • CWE-125

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

Related Vulnerabilities

CVE-2004-0183 CVSS 0 Same weakness: CWE-125 CVE-2004-0221 CVSS 0 Same weakness: CWE-125 CVE-2004-0421 CVSS 0 Same weakness: CWE-125 CVE-2004-0112 CVSS 0 Same weakness: CWE-125 CVE-2004-1940 CVSS 0 Same weakness: CWE-125

CVE History Timeline

Jan 01, 2004 05:00 Initial Analysis
Oct 18, 2016 02:41 CVE Modified
Jul 11, 2017 01:29 CVE Modified
Oct 11, 2017 01:29 CVE Modified
Feb 15, 2024 21:09 Modified Analysis
May 14, 2024 01:25 CVE Modified
Nov 20, 2024 23:47 CVE Modified
← Back to CVE Tracker