CVE-2004-0221
5
CVSS Score
Medium
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Link copied!
Description
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
None
Availability
P
Affected Software Configurations
- o openbsd openbsd * * * * * * * *
Weaknesses (CWE)
- CWE-125
References & External Links
- http://marc.info/?l=bugtraq&m=108008530028019&w=2
- http://www.kb.cert.org/vuls/id/524497
- http://www.openbsd.org/errata.html
- http://www.rapid7.com/advisories/R7-0018.html
- http://www.securityfocus.com/bid/9907
- http://www.securitytracker.com/alerts/2004/Mar/1009468.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15630
- http://marc.info/?l=bugtraq&m=108008530028019&w=2
- http://www.kb.cert.org/vuls/id/524497
- http://www.openbsd.org/errata.html
- http://www.rapid7.com/advisories/R7-0018.html
- http://www.securityfocus.com/bid/9907
- http://www.securitytracker.com/alerts/2004/Mar/1009468.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15630
External Resources
CVE History Timeline
Jan 01, 2004 05:00
Initial Analysis
Oct 18, 2016 02:42
CVE Modified
Jul 11, 2017 01:29
CVE Modified
Feb 15, 2024 21:09
Modified Analysis
May 14, 2024 01:25
CVE Modified
Nov 20, 2024 23:48
CVE Modified