ID CVE-2004-0403
Summary Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.
References
Vulnerable Configurations
  • cpe:2.3:a:kame:racoon:2004-04-08a
CVSS
Base: 5.0 (as of 01-01-2004 - 00:00)
Impact:
Exploitability:
Access
  Vector NETWORK
  Complexity LOW
  Authentication NONE
Impact
  Confidentiality NONE
  Integrity NONE
  Availability PARTIAL
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2004-069.NASL
    description A vulnerability in racoon prior to version 20040408a would allow a remote attacker to cause a DoS (memory consumption) via an ISAKMP packet with a large length field. Another vulnerability in racoon was discovered where, when using RSA signatures, racoon would validate the X.509 certificate but would not validate the signature. This can be exploited by an attacker sending a valid and trusted X.509 certificate and any private key. Using this, they could perform a man-in-the-middle attack and initiate an unauthorized connection. This has been fixed in ipsec-tools 0.3.3. The updated packages contain patches backported from 0.3.3 to correct the problem.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 14168
    published 2004-07-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14168
    title Mandrake Linux Security Advisory : ipsec-tools (MDKSA-2004:069)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD20040503.NASL
    description The remote host is missing Security Update 2004-05-03. This security update includes updates for AFP Server, CoreFoundation, and IPSec. It also includes Security Update 2004-04-05, which includes updates for CUPS, libxml2, Mail, and OpenSSL. For Mac OS X 10.2.8, it also includes updates for Apache 1.3, cd9660.util, Classic, CUPS, Directory Services, DiskArbitration, fetchmail, fs_usage, gm4, groff, Mail, OpenSSL, Personal File Sharing, PPP, rsync, Safari, System Configuration, System Initialization, and zlib. This update fixes various issues which may allow an attacker to execute arbitrary code on the remote host.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 12518
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12518
    title Mac OS X Multiple Vulnerabilities (Security Update 2004-05-03)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200404-17.NASL
    description The remote host is affected by the vulnerability described in GLSA-200404-17 (ipsec-tools and iputils contain a remote DoS vulnerability). When racoon receives an ISAKMP header, it allocates memory based on the length of the header field. Thus, an attacker may be able to cause a Denial of Service by creating a header that is large enough to consume all available system resources. Impact: This vulnerability may allow an attacker to remotely cause a Denial of Service. Workaround: A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.
    last seen 2019-02-21
    modified 2015-04-13
    plugin id 14482
    published 2004-08-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=14482
    title GLSA-200404-17 : ipsec-tools and iputils contain a remote DoS vulnerability
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_CCD698DF8E2011D890D10020ED76EF5A.NASL
    description When racoon receives an ISAKMP header, it will attempt to allocate sufficient memory for the entire ISAKMP message according to the header's length field. If an attacker crafts an ISAKMP header with a ridiculously large value in the length field, racoon may exceed operating system resource limits and be terminated, resulting in a denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 19124
    published 2005-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=19124
    title FreeBSD : racoon remote denial of service vulnerability (ISAKMP header length field) (ccd698df-8e20-11d8-90d1-0020ed76ef5a)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2004-132.NASL
    description An updated ipsec-tools package that fixes vulnerabilities in racoon (the ISAKMP daemon) is now available. When ipsec-tools receives an ISAKMP header, it will attempt to allocate sufficient memory for the entire ISAKMP message according to the header's length field. If an attacker crafts an ISAKMP header with an extremely large value in the length field, racoon may exceed operating system resource limits and be terminated, resulting in a denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0403 to this issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 13707
    published 2004-07-23
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=13707
    title Fedora Core 2 : ipsec-tools-0.2.5-2 (2004-132)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2004-165.NASL
    description An updated ipsec-tools package that fixes vulnerabilities in racoon (the ISAKMP daemon) is now available. IPSEC uses strong cryptography to provide both authentication and encryption services. With versions of ipsec-tools prior to 0.2.3, it was possible for an attacker to cause unauthorized deletion of SA (Security Associations). The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0164 to this issue. With versions of ipsec-tools prior to 0.2.5, the RSA signature on x.509 certificates was not properly verified when using certificate based authentication. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0155 to this issue. When ipsec-tools receives an ISAKMP header, it will attempt to allocate sufficient memory for the entire ISAKMP message according to the header's length field. If an attacker crafts an ISAKMP header with an extremely large value in the length field, racoon may exceed operating system resource limits and be terminated, resulting in a denial of service. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2004-0403 to this issue. Users of IPSEC should upgrade to this updated package, which contains ipsec-tools version 0.25 along with a security patch for CVE-2004-0403 which resolves all these issues.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 12488
    published 2004-07-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=12488
    title RHEL 3 : ipsec-tools (RHSA-2004:165)
oval via4
  • accepted 2013-04-29T04:12:27.755-04:00
    class vulnerability
    contributors
    • name Aharon Chernin
      organization SCAP.com, LLC
    • name Dragos Prisaca
      organization G2, Inc.
    definition_extensions
    • comment The operating system installed on the system is Red Hat Enterprise Linux 3
      oval oval:org.mitre.oval:def:11782
    • comment CentOS Linux 3.x
      oval oval:org.mitre.oval:def:16651
    description Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.
    family unix
    id oval:org.mitre.oval:def:11220
    status accepted
    submitted 2010-07-09T03:56:16-04:00
    title Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.
    version 23
  • accepted 2010-09-20T04:00:48.066-04:00
    class vulnerability
    contributors
    • name Jay Beale
      organization Bastille Linux
    • name Thomas R. Jones
      organization Maitreya Security
    • name Jonathan Baker
      organization The MITRE Corporation
    description Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.
    family unix
    id oval:org.mitre.oval:def:984
    status accepted
    submitted 2004-05-12T12:00:00.000-04:00
    title Racoon Denial of Service via Large Length Field
    version 36
redhat via4
advisories
rhsa
id RHSA-2004:165
refmap via4
apple APPLE-SA-2004-05-03
bid 10172
confirm
gentoo GLSA-200404-17
mandrake MDKSA-2004:069
osvdb 5491
sco SCOSA-2005.10
sectrack 1009937
secunia
  • 11410
  • 11877
sgi 20040506-01-U
xf racoon-isakmp-dos(15893)
Last major update 17-10-2016 - 22:45
Published 01-06-2004 - 00:00
Last modified 10-10-2017 - 21:29