Vulnerability Name: CVE-2004-0184 (CCN-15679)

Assigned: 2004-03-29
Published: 2004-03-29
Updated: 2017-10-11
Summary: Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.
CVSS v3 Severity: 5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics: Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope: Scope (S): Unchanged
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): High
CVSS v2 Severity: 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.9 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Partial
5.4 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C)
4.2 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:N/A:C/E:POC/RL:OF/RC:C)
Exploitability Metrics: Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics: Confidentiality (C): None
Integrity (I): None
Availability (A): Complete
Vulnerability Type: CWE-Other
Vulnerability Consequences: Denial of Service
References:

Source: CCN
Type: Rapid7, Inc. Security Advisory R7-0017
TCPDUMP ISAKMP payload handling denial-of-service vulnerabilities

Source: MITRE
Type: CNA
CVE-2004-0184

Source: BUGTRAQ
Type: UNKNOWN
20040330 R7-0017: TCPDUMP ISAKMP payload handling denial-of-service vulnerabilities

Source: CCN
Type: RHSA-2004-219
tcpdump security update

Source: CCN
Type: SA11258
TCPDUMP ISAKMP Payload Handling Denial of Service Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
11258

Source: CCN
Type: SECTRACK ID: 1009593
Tcpdump Boundary Checking Error in `print-isakmp.c` Lets Remote Users Crash Tcpdump

Source: SECTRACK
Type: UNKNOWN
1009593

Source: CCN
Type: CIAC Information Bulletin O-113
Debian tcpdump Denial of Service

Source: CCN
Type: CIAC Information Bulletin O-212
Apple Security Update

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-478

Source: DEBIAN
Type: DSA-478
tcpdump -- denial of service

Source: CCN
Type: US-CERT VU#492558
tcpdump contains integer underflow vulnerability in ISAKMP Identification Payload handling

Source: CERT-VN
Type: US Government Resource
VU#492558

Source: CCN
Type: Trustix Secure Linux Security Advisory #2004-0015
tcpdump, libpcap

Source: CCN
Type: OpenPKG-SA-2004.010
tcpdump

Source: MISC
Type: Exploit, Vendor Advisory
http://www.rapid7.com/advisories/R7-0017.html

Source: REDHAT
Type: UNKNOWN
RHSA-2004:219

Source: BID
Type: UNKNOWN
10004

Source: CCN
Type: BID-10004
TCPDump ISAKMP Identification Payload Integer Underflow Vulnerability

Source: CCN
Type: BID-10005
Interchange Remote Information Disclosure Vulnerability

Source: CCN
Type: BID-10007
Clam Anti-Virus ClamAV Arbitrary Command Execution Vulnerability

Source: CCN
Type: BID-10008
MPlayer Remote HTTP Header Buffer Overflow Vulnerability

Source: CCN
Type: BID-10009
Oracle Single Sign-On Login Page Authentication Credential Disclosure Vulnerability

Source: CCN
Type: BID-1001
InterAccess TelnetD Server 4.0 Terminal Configuration Vulnerability

Source: CCN
Type: BID-10010
LinBit Technologies LINBOX Officeserver Remote Authentication Bypass Vulnerability

Source: CCN
Type: BID-10013
PHPKit Multiple HTML Injection Vulnerabilities

Source: CCN
Type: BID-10017
JamesOff QuoteEngine Multiple Parameter Unspecified SQL Injection Vulnerability

Source: CCN
Type: BID-10018
MadBMS Unspecified Login Vulnerability

Source: CCN
Type: BID-10019
Cactusoft CactuShop SQL Injection Vulnerability

Source: CCN
Type: BID-1002
Sambar Server Batch CGI Vulnerability

Source: CCN
Type: BID-10020
CactuSoft CactuShop Cross-Site Scripting Vulnerability

Source: CCN
Type: BID-10022
Roger Wilco Server UDP Datagram Handling Denial Of Service Vulnerability

Source: CCN
Type: BID-10024
Roger Wilco Information Disclosure Vulnerability

Source: CCN
Type: BID-10025
Roger Wilco Server Unauthorized Audio Stream Denial Of Service Vulnerability

Source: CCN
Type: BID-10026
ADA IMGSVR Remote Directory Listing Vulnerability

Source: CCN
Type: BID-10027
ADA IMGSVR Remote File Download Vulnerability

Source: CCN
Type: BID-10028
OpenBSD ISAKMPD Zero Payload Length Denial Of Service Vulnerability

Source: CCN
Type: BID-1003
FTPx FTP Explorer Weak Password Encryption Vulnerability

Source: CCN
Type: BID-10033
HAHTsite Scenario Server Project File Name Buffer Overrun Vulnerability

Source: CCN
Type: BID-10036
Macromedia Dreamweaver Remote User Database Access Vulnerability

Source: CCN
Type: BID-10037
SGI IRIX ftpd Multiple Denial Of Service Vulnerabilities

Source: CCN
Type: slackware-security Mailing List, Sat, 17 Apr 2004 12:02:24 -0700 (PDT)
tcpdump denial of service (SSA:2004-108-01)

Source: CCN
Type: tcpdump Web site
TCPDUMP public repository

Source: CONFIRM
Type: UNKNOWN
http://www.tcpdump.org/tcpdump-changes.txt

Source: TRUSTIX
Type: UNKNOWN
2004-0015

Source: CCN
Type: TLSA-2004-16
Two issues have been discovered in tcpdump

Source: FEDORA
Type: UNKNOWN
FEDORA-2004-1468

Source: XF
Type: UNKNOWN
tcpdump-isakmp-integer-underflow(15679)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9581

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:976

Source: SUSE
Type: SUSE-SA:2004:010
Linux Kernel: privilege escalation local DoS

Source: SUSE
Type: SUSE-SA:2004:011
Live CD 9.1: remote root access

Vulnerable Configuration:

Configuration 1:
  • cpe:/a:lbl:tcpdump:*:*:*:*:*:*:*:* (Version <= 3.8.1)

Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions

| Definition ID | Class | Title | Last Modified |
|---|---|---|---|
| oval:org.mitre.oval:def:9581 | V | Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite. | 2013-04-29 |
| oval:org.mitre.oval:def:976 | V | tcpdump Identification Payload in ISAKMP Packets Vulnerability | 2004-07-12 |
| oval:com.redhat.rhsa:def:20040219 | P | RHSA-2004:219: tcpdump security update (Low) | 2004-05-26 |
| oval:org.debian:def:478 | V | denial of service | 2004-04-06 |
    lbl tcpdump *