CVE Details for CVE: CVE-2004-0219
Summary
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.
| Timestamps | |
|---|---|
| Last major update | 11-07-2017 - 01:29 |
| Published | 04-05-2004 - 04:00 |
| Last modified | 11-07-2017 - 01:29 |
References
- http://www.rapid7.com/advisories/R7-0018.html
- http://www.openbsd.org/errata.html
- http://www.kb.cert.org/vuls/id/785945
- http://www.securityfocus.com/bid/9907
- http://www.securitytracker.com/alerts/2004/Mar/1009468.html
- http://marc.info/?l=bugtraq&m=108008530028019&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15628
Vulnerable Configurations
-
cpe:2.3:o:openbsd:openbsd:-:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:-:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.0:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.1:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.2:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.3:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.4:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.5:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.6:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.7:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.8:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:2.9:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.0:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.1:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.2:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.3:*:*:*:*:*:*:*
-
cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:openbsd:3.4:*:*:*:*:*:*:*
CWE
CVSS
Base
5.0
Impact
2.9
Exploitability
10.0
Access
| Vector | Complexity | Authentication |
|---|---|---|
| NETWORK | LOW | NONE |
Impact
| Confidentiality | Integrity | Availability |
|---|---|---|
| NONE | NONE | PARTIAL |
CVSS3
None
VIA4 references
cvss-vector
via4
refmap
via4
| bid | 9907 |
| bugtraq | 20040323 R7-0018: OpenBSD isakmpd payload handling denial-of-service vulnerabilities |
| cert-vn | VU#785945 |
| misc | http://www.rapid7.com/advisories/R7-0018.html |
| openbsd | 20040317 015: RELIABILITY FIX: March 17, 2004 |
| sectrack | 1009468 |
| xf | openbsd-isakmp-ipsec-dos(15628) |