CVE-2004-0222

Openbsd < 3.4 - Memory Leak

Title source: rule

Description

Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite.

References (7)

[Third Party Advisory] http://marc.info/?l=bugtraq&m=108008530028019&w=2

[Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/996177

[Product] http://www.openbsd.org/errata.html

[Broken Link] http://www.rapid7.com/advisories/R7-0018.html

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/10032

[Broken Link, Third Party Advisory, VDB Entry] http://www.securitytracker.com/alerts/2004/Mar/1009468.html

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/15519

Scores

EPSS 0.0181

EPSS Percentile 82.6%

Classification

CWE

CWE-401

Status draft

Affected Products (1)

openbsd/openbsd < 3.4

Timeline

Published May 04, 2004

Tracked Since Feb 18, 2026