CVE-2005-0398
published 2005-03-14CVE-2005-0398: The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
PriorityP415medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
2.43%
82.2th percentile
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| altlinux | alt_linux | — | — |
| ipsec-tools | ipsec-tools | — | — |
| ipsec-tools | ipsec-tools | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| kame | racoon | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_desktop | — | — |
| sgi | propack | — | — |
| suse | suse_linux | — | — |
| suse | suse_linux | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
racoon vulnerability
vendor_ubuntu·2005-04-06
CVE-2005-0398 racoon vulnerability
Title: racoon vulnerability
Summary: racoon vulnerability
Sebastian Krahmer discovered a Denial of Service vulnerability in the
racoon daemon. By sending specially crafted ISAKMP packets, a remote
attacker could trigger a buffer overflow which caused racoon to crash.
This update does not introduce any source code changes affecting the
ipsec-tools package. It is necessary to update the version number of
the package in order to support an update to the "racoon" package.
Please note that racoon is not officially supported by Ubuntu (it is
in the "universe" component of the archive).
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2005-03-09·CVSS 5.0
CVE-2005-0398 [MEDIUM] security flaw
security flaw
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
GHSA
GHSA-87q5-cpgj-vj92: The KAME racoon daemon in ipsec-tools before 0
ghsa_unreviewed·2022-05-01
CVE-2005-0398 [MEDIUM] GHSA-87q5-cpgj-vj92: The KAME racoon daemon in ipsec-tools before 0
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
No detection rules found.
No public exploits indexed.
http://secunia.com/advisories/14584http://security.gentoo.org/glsa/glsa-200503-33.xmlhttp://securitytracker.com/id?1013433http://sourceforge.net/mailarchive/forum.php?thread_id=6787713&forum_id=32000http://www.mandriva.com/security/advisories?name=MDKSA-2005:062http://www.redhat.com/support/errata/RHSA-2005-232.htmlhttp://www.securityfocus.com/bid/12804http://www.vupen.com/english/advisories/2005/0264https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966&action=viewhttps://exchange.xforce.ibmcloud.com/vulnerabilities/19707https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10028http://secunia.com/advisories/14584http://security.gentoo.org/glsa/glsa-200503-33.xmlhttp://securitytracker.com/id?1013433http://sourceforge.net/mailarchive/forum.php?thread_id=6787713&forum_id=32000http://www.mandriva.com/security/advisories?name=MDKSA-2005:062http://www.redhat.com/support/errata/RHSA-2005-232.htmlhttp://www.securityfocus.com/bid/12804http://www.vupen.com/english/advisories/2005/0264https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966&action=viewhttps://exchange.xforce.ibmcloud.com/vulnerabilities/19707https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10028
2005-03-14
Published