CVE-2004-0184 - OpenCVE

Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Tcpdump	Tcpdump

Configuration 1 [-]

cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*

References

Link	Resource
http://marc.info/?l=bugtraq&m=108067265931525&w=2	Mailing List Third Party Advisory
http://secunia.com/advisories/11258	Broken Link
http://securitytracker.com/id?1009593	Broken Link Third Party Advisory VDB Entry
http://www.debian.org/security/2004/dsa-478	Broken Link Patch Vendor Advisory
http://www.kb.cert.org/vuls/id/492558	Third Party Advisory US Government Resource
http://www.rapid7.com/advisories/R7-0017.html	Broken Link Exploit Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2004-219.html	Broken Link
http://www.securityfocus.com/bid/10004	Broken Link Third Party Advisory VDB Entry
http://www.tcpdump.org/tcpdump-changes.txt	Release Notes
http://www.trustix.org/errata/2004/0015	Broken Link
https://bugzilla.fedora.us/show_bug.cgi?id=1468	Broken Link Issue Tracking
https://exchange.xforce.ibmcloud.com/vulnerabilities/15679	Broken Link VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9581	Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A976	Broken Link

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2004-04-06T04:00:00

Updated: 2017-10-10T00:57:01

Reserved: 2004-03-02T00:00:00

Link: CVE-2004-0184

JSON object: View

NVD Information

Status : Analyzed

Published: 2004-05-04T04:00:00.000

Modified: 2024-02-15T21:09:24.487

Link: CVE-2004-0184

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2004-03-30T00:00:00", "descriptions": [{"lang": "en", "value": "Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-10-10T00:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "VU#492558", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/492558"}, {"name": "RHSA-2004:219", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2004-219.html"}, {"name": "1009593", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1009593"}, {"name": "DSA-478", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2004/dsa-478"}, {"name": "11258", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/11258"}, {"name": "2004-0015", "tags": ["vendor-advisory", "x_refsource_TRUSTIX"], "url": "http://www.trustix.org/errata/2004/0015"}, {"name": "oval:org.mitre.oval:def:9581", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9581"}, {"tags": ["x_refsource_MISC"], "url": "http://www.rapid7.com/advisories/R7-0017.html"}, {"name": "FEDORA-2004-1468", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1468"}, {"name": "10004", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/10004"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.tcpdump.org/tcpdump-changes.txt"}, {"name": "oval:org.mitre.oval:def:976", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A976"}, {"name": "20040330 R7-0017: TCPDUMP ISAKMP payload handling denial-of-service vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=108067265931525&w=2"}, {"name": "tcpdump-isakmp-integer-underflow(15679)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15679"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2004-0184", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "VU#492558", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/492558"}, {"name": "RHSA-2004:219", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2004-219.html"}, {"name": "1009593", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1009593"}, {"name": "DSA-478", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2004/dsa-478"}, {"name": "11258", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/11258"}, {"name": "2004-0015", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2004/0015"}, {"name": "oval:org.mitre.oval:def:9581", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9581"}, {"name": "http://www.rapid7.com/advisories/R7-0017.html", "refsource": "MISC", "url": "http://www.rapid7.com/advisories/R7-0017.html"}, {"name": "FEDORA-2004-1468", "refsource": "FEDORA", "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1468"}, {"name": "10004", "refsource": "BID", "url": "http://www.securityfocus.com/bid/10004"}, {"name": "http://www.tcpdump.org/tcpdump-changes.txt", "refsource": "CONFIRM", "url": "http://www.tcpdump.org/tcpdump-changes.txt"}, {"name": "oval:org.mitre.oval:def:976", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A976"}, {"name": "20040330 R7-0017: TCPDUMP ISAKMP payload handling denial-of-service vulnerabilities", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=108067265931525&w=2"}, {"name": "tcpdump-isakmp-integer-underflow(15679)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15679"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2004-0184", "datePublished": "2004-04-06T04:00:00", "dateReserved": "2004-03-02T00:00:00", "dateUpdated": "2017-10-10T00:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:tcpdump:tcpdump:*:*:*:*:*:*:*:*", "matchCriteriaId": "770A6EDA-10B7-4DB1-B150-A40F015FE3FB", "versionEndIncluding": "3.8.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite."}, {"lang": "es", "value": "Desbordamieto de enteros en la funci\u00f3n isakmp_id_print de TCPDUMP 3.8.1 y anteriores permite a atacantes remotos causar una denegaci\u00f3n de servicio mediante un paquete ISAKMP con una carga \u00fatil de identificaci\u00f3n con una longitud que se hace menor de 8 durante una conversi\u00f3n de orden de bytes, lo que causa una lectura fuera de l\u00edmites, como se ha demostrado por el paquete de pruebas de protocolo ISAKMP Striker."}], "id": "CVE-2004-0184", "lastModified": "2024-02-15T21:09:24.487", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2004-05-04T04:00:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=108067265931525&w=2"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/11258"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1009593"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Patch", "Vendor Advisory"], "url": "http://www.debian.org/security/2004/dsa-478"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/492558"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Exploit", "Vendor Advisory"], "url": "http://www.rapid7.com/advisories/R7-0017.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.redhat.com/support/errata/RHSA-2004-219.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/10004"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "http://www.tcpdump.org/tcpdump-changes.txt"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.trustix.org/errata/2004/0015"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Issue Tracking"], "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1468"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15679"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9581"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A976"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-191"}], "source": "nvd@nist.gov", "type": "Primary"}]}