Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0392

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0392
Last Modified 10 Sep 2008 03:26:11
Published 14 Jun 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0392

Summary

racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields.

Vulnerable Systems

Application

  • Kame Racoon 2004-04-07a


References

XF - racoon-isakmp-dos(15893)

CONFIRM - http://www.vuxml.org/freebsd/40fcf20f-8891-11d8-90d1-0020ed76ef5a.html

SCO - SCOSA-2005.10

CONFIRM - http://orange.kame.net/dev/query-pr.cgi?pr=555


Last Updated: 27 May 2016 10:38:35