CERTA-2004-AVI-399

Vulnerability from certfr_avis - Published: 2004-12-15 - Updated: 2004-12-15

None

Description

isakmpd est un service basé sur le protocole IKE. isakmpd sert notamment à la négociation et à la gestion des associations de sécurité (SA) pour du trafic réseau chiffré et/ou authentifié (IPSEC).

Une vulnérabilité a été découverte dans le service isakmpd lors de son utilisation avec le protocole IPSEC.

Un utilisateur local mal intentionné peut exploiter cette vulnérabilité afin de créer un déni de service.

Solution

Appliquer le correctif suivant la version affectée :

  • OpenBSD version 3.4 :

    ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/035_pfkey.patch

  • OpenBSD version 3.5 :

    ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/024_pfkey.patch

  • OpenBSD version 3.6 :

    ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.i6/common/007_pfkey.patch

OpenBSD versions 3.4, 3.5 et 3.6.

Impacted products
Vendor Product Description
References

Show details on source website
To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eOpenBSD versions 3.4, 3.5 et 3.6.\u003c/P\u003e",
  "content": "## Description\n\n`isakmpd` est un service bas\u00e9 sur le protocole IKE. `isakmpd` sert\nnotamment \u00e0 la n\u00e9gociation et \u00e0 la gestion des associations de s\u00e9curit\u00e9\n(SA) pour du trafic r\u00e9seau chiffr\u00e9 et/ou authentifi\u00e9 (IPSEC).\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le service `isakmpd` lors de son\nutilisation avec le protocole IPSEC.\n\nUn utilisateur local mal intentionn\u00e9 peut exploiter cette vuln\u00e9rabilit\u00e9\nafin de cr\u00e9er un d\u00e9ni de service.\n\n## Solution\n\nAppliquer le correctif suivant la version affect\u00e9e :\n\n-   OpenBSD version 3.4 :\n\n        ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/035_pfkey.patch\n\n-   OpenBSD version 3.5 :\n\n        ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/024_pfkey.patch\n\n-   OpenBSD version 3.6 :\n\n        ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.i6/common/007_pfkey.patch\n",
  "cves": [],
  "initial_release_date": "2004-12-15T00:00:00",
  "last_revision_date": "2004-12-15T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 OpenBSD #007 du 14 d\u00e9cembre 2004 :",
      "url": "http://www.openbsd.org/errata.html#pfkey"
    }
  ],
  "reference": "CERTA-2004-AVI-399",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2004-12-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": null,
  "title": "Vuln\u00e9rabilit\u00e9 dans ISAKMPD sous OpenBSD",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Correctif de s\u00e9curit\u00e9 OpenBSD du 14 d\u00e9cembre 2004",
      "url": null
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.