CVE-2004-0221

Опубликовано: 04 мая 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Ссылки

http://marc.info/?l=bugtraq&m=108008530028019&w=2
Mailing List
Third Party Advisory
http://www.kb.cert.org/vuls/id/524497
Third Party Advisory
US Government Resource
http://www.openbsd.org/errata.html
Product
Vendor Advisory
http://www.rapid7.com/advisories/R7-0018.html
Broken Link
http://www.securityfocus.com/bid/9907
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/alerts/2004/Mar/1009468.html
Broken Link
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/15630
Third Party Advisory
VDB Entry
http://marc.info/?l=bugtraq&m=108008530028019&w=2
Mailing List
Third Party Advisory
http://www.kb.cert.org/vuls/id/524497
Third Party Advisory
US Government Resource
http://www.openbsd.org/errata.html
Product
Vendor Advisory
http://www.rapid7.com/advisories/R7-0018.html
Broken Link
http://www.securityfocus.com/bid/9907
Broken Link
Third Party Advisory
VDB Entry
http://www.securitytracker.com/alerts/2004/Mar/1009468.html
Broken Link
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/15630
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:openbsd:openbsd:*:*:*:*:*:*:*:*

Версия до 3.4 (включая)

EPSS

Процентиль: 82%

0.01734

Низкий

5 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

GHSA-w82g-fr7x-r9m9

github

почти 4 года назад