isakmpd/message.c in isakmpd in FreeBSD before isakmpd-20020403_1, and in OpenBSD 3.1, allows remote attackers to cause a denial of service (crash) by sending Internet Key Exchange (IKE) payloads out of sequence.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ports_collection | Freebsd | * | 2002-08-28 (including) |
| Openbsd | Openbsd | 3.1 (including) | 3.1 (including) |
References
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc
- http://www.kb.cert.org/vuls/id/287771
- http://www.openbsd.org/errata31.html#isakmpd
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9850
- ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02:05.asc
- http://www.kb.cert.org/vuls/id/287771
- http://www.openbsd.org/errata31.html#isakmpd
- https://exchange.xforce.ibmcloud.com/vulnerabilities/9850