|
|
CVE Reference: CVE-2004-0184 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2004-0184 |
|
|
Description: Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/15679 TRUSTIX http://www.trustix.org/errata/2004/0015 ST 1009593 SAID Secunia Advisory: SA11258 REDHAT http://www.redhat.com/support/errata/RHSA-2004-219.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:976 http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9581 MISC http://www.rapid7.com/advisories/R7-0017.html FEDORA DEBIAN http://www.debian.org/security/2004/dsa-478 CONFIRM http://www.tcpdump.org/tcpdump-changes.txt CERT-VN 492558 BUGTRAQ http://marc.theaimsgroup.com/?l=bugtraq&m=108067265931525&w=2 BID 10004 |
|
| Return to the previous page. |
