FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

racoon remote denial of service vulnerability (ISAKMP header length field)

Affected packages
racoon < 20040408a

Details

VuXML ID ccd698df-8e20-11d8-90d1-0020ed76ef5a
Discovery 2004-03-31
Entry 2004-04-14

When racoon receives an ISAKMP header, it will attempt to allocate sufficient memory for the entire ISAKMP message according to the header's length field. If an attacker crafts an ISAKMP header with a ridiculously large value in the length field, racoon may exceed operating system resource limits and be terminated, resulting in a denial of service.
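The check this class of bug calls for, shown as an added example (it is not racoon's actual patch and not code from this advisory): validate the header's length field against the bytes actually received and a local maximum before allocating anything. The 65535-byte cap, the function names and the zeroed sample header are assumptions made for this example; the 28-byte header with its big-endian length field at offset 24 follows RFC 2408.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ISAKMP_HDR_LEN 28u    /* fixed ISAKMP header size (RFC 2408) */
#define ISAKMP_LEN_OFF 24u    /* offset of the 32-bit big-endian length field */
#define ISAKMP_MAX_MSG 65535u /* assumed local policy cap, not from the advisory */

enum len_status { LEN_OK, LEN_SHORT_HDR, LEN_TOO_SMALL, LEN_TOO_LARGE, LEN_EXCEEDS_DATA };

/* Read the declared length byte by byte (no alignment assumptions). */
static uint32_t declared_len(const uint8_t *p)
{
    p += ISAKMP_LEN_OFF;
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Validate the sender-controlled length against what actually arrived. */
enum len_status isakmp_check_len(const uint8_t *pkt, size_t received)
{
    if (received < ISAKMP_HDR_LEN) return LEN_SHORT_HDR;
    uint32_t declared = declared_len(pkt);
    if (declared < ISAKMP_HDR_LEN) return LEN_TOO_SMALL;
    if (declared > ISAKMP_MAX_MSG) return LEN_TOO_LARGE;
    if (declared > received) return LEN_EXCEEDS_DATA;
    return LEN_OK;
}

/* Allocate only after validation; NULL means rejected or out of memory. */
uint8_t *isakmp_copy_msg(const uint8_t *pkt, size_t received, size_t *out_len)
{
    if (isakmp_check_len(pkt, received) != LEN_OK) return NULL;
    uint32_t declared = declared_len(pkt);
    uint8_t *msg = malloc(declared);
    if (msg == NULL) return NULL;
    memcpy(msg, pkt, declared);
    *out_len = declared;
    return msg;
}

/* Constructed sample: a zeroed buffer carrying only a length value. */
void make_sample(uint8_t *buf, size_t buflen, uint32_t len)
{
    memset(buf, 0, buflen);
    buf[24] = (uint8_t)(len >> 24); buf[25] = (uint8_t)(len >> 16);
    buf[26] = (uint8_t)(len >> 8);  buf[27] = (uint8_t)len;
}

int main(void)
{
    uint8_t pkt[64];
    make_sample(pkt, sizeof pkt, 0xFFFFFFF0u);
    printf("oversized length -> status %d\n", isakmp_check_len(pkt, sizeof pkt));
    return 0;
}
```
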

References

CVE Name CVE-2004-0403
URL http://www.kame.net/dev/cvsweb2.cgi/kame/kame/kame/racoon/isakmp.c.diff?r1=1.180&r2=1.181