FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

racoon security association deletion vulnerability

Affected packages
racoon < 20040116a

Details

VuXML ID 739bb51d-7e82-11d8-9645-0020ed76ef5a
Discovery 2004-01-13
Entry 2004-03-25
Modified 2004-03-29

A remote attacker may use specially crafted IKE/ISAKMP messages to cause racoon to delete security associations. This could result in denial-of-service or possibly cause sensitive traffic to be transmitted in plaintext, depending upon configuration.

References

Bugtraq ID 9416
Bugtraq ID 9417
CVE Name CVE-2004-0164
Message 20040113213940.GA1727@hzeroseven.org