CVE-2004-0403

Current Description

Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.

Basic Data

PublishedJune 01, 2004
Last ModifiedOctober 11, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score5.0
SeverityMEDIUM
Exploitability Score10.0
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationKameRacoon********2004-04-08a

Vulnerable Software List

VendorProductVersions
Kame Racoon *

References

NameSourceURLTags
SCOSA-2005.10ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.10/SCOSA-2005.10.txtSCO
20040506-01-Uftp://patches.sgi.com/support/free/security/advisories/20040506-01-U.ascSGI
APPLE-SA-2004-05-03http://marc.info/?l=bugtraq&m=108369640424244&w=2APPLE
11410http://secunia.com/advisories/11410SECUNIA
11877http://secunia.com/advisories/11877SECUNIA
GLSA-200404-17http://security.gentoo.org/glsa/glsa-200404-17.xmlGENTOO
1009937http://securitytracker.com/id?1009937SECTRACK
http://sourceforge.net/project/shownotes.php?release_id=232288http://sourceforge.net/project/shownotes.php?release_id=232288CONFIRM
http://www.kame.net/dev/cvsweb2.cgi/kame/kame/kame/racoon/isakmp.c.diff?r1=1.180&r2=1.181http://www.kame.net/dev/cvsweb2.cgi/kame/kame/kame/racoon/isakmp.c.diff?r1=1.180&r2=1.181CONFIRMExploit
MDKSA-2004:069http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:069MANDRAKE
5491http://www.osvdb.org/5491OSVDB
RHSA-2004:165http://www.redhat.com/support/errata/RHSA-2004-165.htmlREDHATPATCH Vendor Advisory
10172http://www.securityfocus.com/bid/10172BID
http://www.vuxml.org/freebsd/ccd698df-8e20-11d8-90d1-0020ed76ef5a.htmlhttp://www.vuxml.org/freebsd/ccd698df-8e20-11d8-90d1-0020ed76ef5a.htmlCONFIRMVendor Advisory
racoon-isakmp-dos(15893)https://exchange.xforce.ibmcloud.com/vulnerabilities/15893XF
oval:org.mitre.oval:def:11220https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11220OVAL
oval:org.mitre.oval:def:984https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A984OVAL