CVE-2009-0267

OpenSolaris < snv_100 - Denial of Service via Malformed IKE Packet

Title source: llm

Description

libike in Sun Solaris 9 and 10, and OpenSolaris before snv_100, does not properly check packets, which allows remote attackers to cause a denial of service (in.iked daemon crash) via an unspecified IKE packet, a different vulnerability than CVE-2007-2989.

References (7)

Core 7

Core References

Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/33407

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/33702

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6116

Patch x_refsource_confirm

http://sunsolve.sun.com/search/document.do?assetkey=1-21-113451-15-1

Vendor Advisory x_refsource_confirm

http://support.avaya.com/elmodocs2/security/ASA-2009-032.htm

Patch, Vendor Advisory vendor-advisory x_refsource_sunalert

http://sunsolve.sun.com/search/document.do?assetkey=1-66-247406-1

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/48178

Scores

EPSS 0.0166

EPSS Percentile 82.3%

Details

CWE

CWE-20

Status published

Products (30)

sun/opensolaris snv_01 (2 CPE variants)

sun/opensolaris snv_02 (2 CPE variants)

sun/opensolaris snv_03 (2 CPE variants)

sun/opensolaris snv_04 (2 CPE variants)

sun/opensolaris snv_05 (2 CPE variants)

sun/opensolaris snv_06 (2 CPE variants)

sun/opensolaris snv_07 (2 CPE variants)

sun/opensolaris snv_08 (2 CPE variants)

sun/opensolaris snv_09 (2 CPE variants)

sun/opensolaris snv_10 (2 CPE variants)

... and 20 more

Published Jan 26, 2009

Tracked Since Feb 18, 2026