CVE-2004-2230

OpenBSD 3.4-3.6 - Heap-Based Buffer Overflow via IPSEC Credentials

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket.

References (6)

Core 6
Core References
Patch vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1012511
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18486
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/11928
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/13443
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/12400
Patch vendor-advisory x_refsource_openbsd
http://www.openbsd.org/errata36.html

Scores

EPSS 0.0011
EPSS Percentile 29.1%

Details

Status published
Products (3)
openbsd/openbsd 3.4
openbsd/openbsd 3.5
openbsd/openbsd 3.6
Published Dec 31, 2004
Tracked Since Feb 18, 2026