Lucene search
MitreCVE-2004-0220HistoryMay 04, 2004 - 4:00 a.m.
CVE-2004-0220
2004-05-0404:00:00
CWE-119
mitre
web.nvd.nist.gov
45
openbsd
isakmpd
denial of service
cve-2004-0220
nvd
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
High
EPSS
0.018
Percentile
88.0%
isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test Suite.
Affected configurations
Node
openbsdopenbsdRange≤3.4
Related
cert
cert
cvelist
cvelist
CVE-2004-0220
2004-03-25 05:00:00
nvd
nvd
CVE-2004-0220
2004-05-04 04:00:00
openvas
openvas
FreeBSD Ports: isakmpd
2008-09-04 00:00:00
FreeBSD Ports: isakmpd
2008-09-04 00:00:00
nessus
nessus
freebsd
freebsd
isakmpd payload handling denial-of-service vulnerabilities
2004-03-17 00:00:00
securityvulns
securityvulns
R7-0018: OpenBSD isakmpd payload handling denial-of-service vulnerabilities
2004-03-24 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.5
Confidence
High
EPSS
0.018
Percentile
88.0%
Related for CVE-2004-0220