Vulnerability Name:

CVE-2004-0164 (CCN-14117)

Assigned:2003-12-31
Published:2003-12-31
Updated:2017-10-11
Summary:KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: NETBSD
Type: UNKNOWN
NetBSD-SA2004-001

Source: CCN
Type: BugTraq Mailing List, Thu Jan 01 2004 - 14:20:18 CST
Re: multiple payload handling flaws in isakmpd, again

Source: CCN
Type: BugTraq Mailing List, Wed Dec 31 2003 - 16:38:58 CST
multiple payload handling flaws in isakmpd, again

Source: CCN
Type: BugTraq Mailing List, Tue Jan 13 2004 - 15:39:40 CST
unauthorized deletion of IPsec (and ISAKMP) SAs in racoon

Source: MITRE
Type: CNA
CVE-2004-0164

Source: APPLE
Type: UNKNOWN
APPLE-SA-2004-02-23

Source: BUGTRAQ
Type: UNKNOWN
20040113 unauthorized deletion of IPsec (and ISAKMP) SAs in racoon

Source: BUGTRAQ
Type: UNKNOWN
20040114 Re: unauthorized deletion of IPsec (and ISAKMP) SAs in racoon

Source: CCN
Type: RHSA-2004-165
ipsec-tools security update

Source: CCN
Type: BID-9333
ISAKMPD "Invalid SPI" SA Deletion Vulnerability

Source: BID
Type: UNKNOWN
9416

Source: CCN
Type: BID-9416
KAME Racoon "Authentication" SA Deletion Vulnerability

Source: BID
Type: UNKNOWN
9417

Source: CCN
Type: BID-9417
KAME Racoon "Initial Contact" SA Deletion Vulnerability

Source: CCN
Type: BID-9731
Multiple Apple Mac OS X Local And Remote Vulnerabilities

Source: XF
Type: UNKNOWN
openbsd-isakmp-invalidspi-delete-sa(14117)

Source: XF
Type: UNKNOWN
openbsd-isakmp-invalidspi-delete-sa(14117)

Source: XF
Type: UNKNOWN
openbsd-isakmp-initialcontact-delete-sa(14118)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:947

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9737

Vulnerable Configuration:Configuration 1:
  • cpe:/a:kame:racoon:all_versions:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Vulnerability Name:

    CVE-2004-0164 (CCN-14118)

    Assigned:2003-12-31
    Published:2003-12-31
    Updated:2003-12-31
    Summary:KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.
    CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
    Exploitability Metrics:Attack Vector (AV): Network
    Attack Complexity (AC): Low
    Privileges Required (PR): None
    User Interaction (UI): None
    Scope:Scope (S): Unchanged
    Impact Metrics:Confidentiality (C): Low
    Integrity (I): Low
    Availibility (A): Low
    CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Authentication (Au): None
    Impact Metrics:Confidentiality (C): None
    Integrity (I): Partial
    Availibility (A): None
    7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
    Exploitability Metrics:Access Vector (AV): Network
    Access Complexity (AC): Low
    Athentication (Au): None
    Impact Metrics:Confidentiality (C): Partial
    Integrity (I): Partial
    Availibility (A): Partial
    Vulnerability Consequences:Gain Access
    References:Source: CCN
    Type: BugTraq Mailing List, Thu Jan 01 2004 - 14:20:18 CST
    Re: multiple payload handling flaws in isakmpd, again

    Source: CCN
    Type: BugTraq Mailing List, Wed Dec 31 2003 - 16:38:58 CST
    multiple payload handling flaws in isakmpd, again

    Source: CCN
    Type: BugTraq Mailing List, Tue Jan 13 2004 - 15:39:40 CST
    unauthorized deletion of IPsec (and ISAKMP) SAs in racoon

    Source: MITRE
    Type: CNA
    CVE-2004-0164

    Source: CCN
    Type: NetBSD Security Advisory 2004-001
    Insufficient packet validation in racoon IKE daemon

    Source: CCN
    Type: RHSA-2004-165
    ipsec-tools security update

    Source: CCN
    Type: BID-10496
    OpenBSD ISAKMPD Security Association Piggyback Delete Payload Denial Of Service Vulnerability

    Source: CCN
    Type: BID-9334
    ISAKMPD "Initial Contact" Notification SA Deletion Vulnerability

    Source: CCN
    Type: BID-9416
    KAME Racoon "Authentication" SA Deletion Vulnerability

    Source: CCN
    Type: BID-9417
    KAME Racoon "Initial Contact" SA Deletion Vulnerability

    Source: CCN
    Type: BID-9436
    OpenBSD 3.4 Crypto Card Handlers File Descriptor Leak Vulnerability

    Source: XF
    Type: UNKNOWN
    openbsd-isakmp-initialcontact-delete-sa(14118)

    Vulnerable Configuration:Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:9737
    V
    		KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.
    2013-04-29
    oval:org.mitre.oval:def:947
    V
    		KAME IKE Daemon Improper Hash Value Handling
    2010-09-20
    oval:com.redhat.rhsa:def:20040165
    P
    		RHSA-2004:165: ipsec-tools security update (Important)
    2004-05-11
    BACK
    kame racoon all_versions