CVE-2004-0392Infinite Loop in Racoon

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.9%
top 23.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Kame Racoon
Timeline
PublishedJun 14
Latest updateMay 3

Description

racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDkame/racoon2004-04-07a

🔴Vulnerability Details

2
GHSA
GHSA-x92r-57vj-9h2j: racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malform2022-05-03
CVEList
CVE-2004-0392: racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malform2004-05-06
CVE-2004-0392 — Infinite Loop in Kame Racoon | cvebase