certfr_avis - certa-2004-avi-399

CERTA-2004-AVI-399

Vulnerability from certfr_avis

None

Description

isakmpd est un service basé sur le protocole IKE. isakmpd sert notamment à la négociation et à la gestion des associations de sécurité (SA) pour du trafic réseau chiffré et/ou authentifié (IPSEC).

Une vulnérabilité a été découverte dans le service isakmpd lors de son utilisation avec le protocole IPSEC.

Un utilisateur local mal intentionné peut exploiter cette vulnérabilité afin de créer un déni de service.

Solution

Appliquer le correctif suivant la version affectée :

OpenBSD version 3.4 :

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/035_pfkey.patch

OpenBSD version 3.5 :

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/024_pfkey.patch

OpenBSD version 3.6 :

ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.i6/common/007_pfkey.patch

OpenBSD versions 3.4, 3.5 et 3.6.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Correctif de sécurité OpenBSD du 14 décembre 2004	None	vendor-advisory
Bulletin de sécurité OpenBSD #007 du 14 décembre 2004 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eOpenBSD versions 3.4, 3.5 et 3.6.\u003c/P\u003e",
  "content": "## Description\n\n`isakmpd` est un service bas\u00e9 sur le protocole IKE. `isakmpd` sert\nnotamment \u00e0 la n\u00e9gociation et \u00e0 la gestion des associations de s\u00e9curit\u00e9\n(SA) pour du trafic r\u00e9seau chiffr\u00e9 et/ou authentifi\u00e9 (IPSEC).\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le service `isakmpd` lors de son\nutilisation avec le protocole IPSEC.\n\nUn utilisateur local mal intentionn\u00e9 peut exploiter cette vuln\u00e9rabilit\u00e9\nafin de cr\u00e9er un d\u00e9ni de service.\n\n## Solution\n\nAppliquer le correctif suivant la version affect\u00e9e :\n\n-   OpenBSD version 3.4 :\n\n        ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/035_pfkey.patch\n\n-   OpenBSD version 3.5 :\n\n        ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.5/common/024_pfkey.patch\n\n-   OpenBSD version 3.6 :\n\n        ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.i6/common/007_pfkey.patch\n",
  "cves": [],
  "initial_release_date": "2004-12-15T00:00:00",
  "last_revision_date": "2004-12-15T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 OpenBSD #007 du 14 d\u00e9cembre 2004 :",
      "url": "http://www.openbsd.org/errata.html#pfkey"
    }
  ],
  "reference": "CERTA-2004-AVI-399",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2004-12-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": null,
  "title": "Vuln\u00e9rabilit\u00e9 dans ISAKMPD sous OpenBSD",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Correctif de s\u00e9curit\u00e9 OpenBSD du 14 d\u00e9cembre 2004",
      "url": null
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted