FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC


k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID: Description

f8551668-de09-4d7b-9720-f1360929df07: tcpdump ISAKMP payload handling remote denial-of-service

Chad Loder has discovered vulnerabilities in tcpdump's ISAKMP protocol handler. During an audit to repair these issues, Bill Fenner discovered some related problems.

These vulnerabilities may be used by an attacker to crash a running `tcpdump' process. They can only be triggered if the `-v' command line option is being used.

NOTE: the racoon ISAKMP/IKE daemon incorporates the ISAKMP protocol handler from tcpdump, and so is also affected by this issue.


Discovery 2004-03-12
Entry 2004-03-31
Modified 2016-08-11
tcpdump < 3.8.3
racoon < 20040408a
FreeBSD < 5.2.1

http://marc.theaimsgroup.com/?l=bugtraq&m=108067265931525
http://www.rapid7.com/advisories/R7-0017.html
CVE-2004-0183
CVE-2004-0184
2328adef-157c-11d9-8402-000d93664d5c: racoon -- improper certificate handling

Thomas Walpuski noted that when OpenSSL detected an error condition for a peer certificate, racoon mistakenly ignored the error. This could allow certificates in any of five invalid states to be accepted for authentication.


Discovery 2004-01-31
Entry 2004-10-03
racoon < 20040818a

http://marc.theaimsgroup.com/?l=bugtraq&m=108726102304507
http://www.kame.net/racoon/racoon-ml/msg00517.html
3b260179-e464-460d-bf9f-d5cda6204020: racoon -- remote denial-of-service

Sebastian Krahmer discovered that the racoon ISAKMP daemon could be crashed with a maliciously crafted UDP packet. No authentication is required in order to perform the attack.


Discovery 2005-03-12
Entry 2005-06-03
racoon < 20050510a

CVE-2005-0398
http://sourceforge.net/mailarchive/forum.php?thread_id=6787713&forum_id=32000
http://xforce.iss.net/xforce/xfdb/19707
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966&action=view
ccd698df-8e20-11d8-90d1-0020ed76ef5a: racoon remote denial of service vulnerability (ISAKMP header length field)

When racoon receives an ISAKMP header, it will attempt to allocate sufficient memory for the entire ISAKMP message according to the header's length field. If an attacker crafts an ISAKMP header with a ridiculously large value in the length field, racoon may exceed operating system resource limits and be terminated, resulting in a denial of service.


Discovery 2004-03-31
Entry 2004-04-14
racoon < 20040408a

CVE-2004-0403
http://www.kame.net/dev/cvsweb2.cgi/kame/kame/kame/racoon/isakmp.c.diff?r1=1.180&r2=1.181