CVE-2004-0164
published 2004-03-03CVE-2004-0164: KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is…
PriorityP428medium5CVSS 2.0
AVNACLAuNCNIPAN
EXPLOIT
EPSS
6.66%
93.1th percentile
KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| kame | racoon | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-2q54-wx6q-7cqc: KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message t
ghsa_unreviewed·2022-05-03
CVE-2004-0164 [MEDIUM] GHSA-2q54-wx6q-7cqc: KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message t
KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.
Red Hat
security flaw
vendor_redhat·2004-01-13·CVSS 5.0
CVE-2004-0164 [MEDIUM] security flaw
security flaw
KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.
No detection rules found.
Bugzilla
CVE-2004-0164 security flaw
bugzilla·2018-08-16·CVSS 5.0
CVE-2004-0164 [MEDIUM] CVE-2004-0164 security flaw
CVE-2004-0164 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.
Bugzilla
CAN-2004-0155/CAN-2004-0164/CAN-2004-0403 IPSEC vulnerabilities
bugzilla·2004-04-07
[MEDIUM] CAN-2004-0155/CAN-2004-0164/CAN-2004-0403 IPSEC vulnerabilities
CAN-2004-0155/CAN-2004-0164/CAN-2004-0403 IPSEC vulnerabilities
With versions of ipsec-tools prior to 0.2.3, it was possible for an
attacker to cause unauthorized deletion of SA (Security Associations.)
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2004-0164 to this issue.
With versions of ipsec-tools prior to 0.2.5, the RSA signature on
x.509 certificates was not properly verified when using certificate
based authentication. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0155 to this issue.
This issue affected Red Hat Enterprise Linux 3
RHSA-2004:165 in progress
Discussion:
Additionally:
When ipsec-tools receives an ISAKMP header, it will attempt
to allocate sufficient memory for the entir
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-001.txt.aschttp://lists.apple.com/archives/security-announce/2004/Feb/msg00000.htmlhttp://marc.info/?l=bugtraq&m=107403331309838&w=2http://marc.info/?l=bugtraq&m=107411758202662&w=2http://www.securityfocus.com/bid/9416http://www.securityfocus.com/bid/9417https://exchange.xforce.ibmcloud.com/vulnerabilities/14117https://exchange.xforce.ibmcloud.com/vulnerabilities/14118https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A947https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9737ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-001.txt.aschttp://lists.apple.com/archives/security-announce/2004/Feb/msg00000.htmlhttp://marc.info/?l=bugtraq&m=107403331309838&w=2http://marc.info/?l=bugtraq&m=107411758202662&w=2http://www.securityfocus.com/bid/9416http://www.securityfocus.com/bid/9417https://exchange.xforce.ibmcloud.com/vulnerabilities/14117https://exchange.xforce.ibmcloud.com/vulnerabilities/14118https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A947https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9737
2004-03-03
Published