Lucene search

[email protected]CVE-2004-0164

HistoryMar 03, 2004 - 5:00 a.m.

CVE-2004-0164

2004-03-0305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

kame

ike daemon

racoon

remote attackers

certificates

isakmp

vulnerability

6.6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.86 High

EPSS

Percentile

98.6%

JSON

KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.

CPENameOperatorVersion
kame:racoonkame racooneqall_versions

CPE	Name	Operator	Version
kame:racoon	kame racoon	eq	all_versions

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-001.txt.asc

lists.apple.com/archives/security-announce/2004/Feb/msg00000.html

marc.info/?l=bugtraq&m=107403331309838&w=2

marc.info/?l=bugtraq&m=107411758202662&w=2

www.securityfocus.com/bid/9416

www.securityfocus.com/bid/9417

exchange.xforce.ibmcloud.com/vulnerabilities/14117

exchange.xforce.ibmcloud.com/vulnerabilities/14118

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A947

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9737

6.6 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.86 High

EPSS

Percentile

98.6%

JSON

Related for CVE-2004-0164

debiancve1 freebsd1 checkpoint_advisories1 openvas2 cvelist1 nessus3 redhat1