发布时间 :2004-12-31 00:00:00
修订时间 :2008-09-05 16:43:33

[原文]Heap-based buffer overflow in isakmpd on OpenBSD 3.4 through 3.6 allows local users to cause a denial of service (panic) and corrupt memory via IPSEC credentials on a socket.

[CNNVD]OpenBSD ISAKMPD核心堆缓冲区溢出本地服务拒绝漏洞(CNNVD-200412-197)

        OpenBSD 3.4到3.6版本中的isakmpd存在基于堆的缓冲区溢出漏洞。本地用户可以借助插口上的IPSEC证书导致服务拒绝(恐慌)以及损坏内存。

- CVSS (基础分值)

CVSS分值: 2.1 [轻微(LOW)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: LOCAL [漏洞利用需要具有物理访问权限或本地帐户]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/o:openbsd:openbsd:3.4OpenBSD 3.4
cpe:/o:openbsd:openbsd:3.6OpenBSD 3.6
cpe:/o:openbsd:openbsd:3.5OpenBSD 3.5

- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(PATCH)  XF  openbsd-isakmpd-dos(18486)
(PATCH)  BID  11928
(PATCH)  OPENBSD  20041214 007: SECURITY FIX: December 14, 2004
(PATCH)  SECTRACK  1012511

- 漏洞信息

OpenBSD ISAKMPD核心堆缓冲区溢出本地服务拒绝漏洞
低危 缓冲区溢出
2004-12-31 00:00:00 2005-10-20 00:00:00
        OpenBSD 3.4到3.6版本中的isakmpd存在基于堆的缓冲区溢出漏洞。本地用户可以借助插口上的IPSEC证书导致服务拒绝(恐慌)以及损坏内存。

- 公告与补丁

        The vendor has made patches available for OpenBSD 3.4, 3.5, and 3.6. The OpenBSD CVS repository has had the fixes available since 10 December, 2004.
        OpenBSD OpenBSD 3.5
        OpenBSD OpenBSD 3.4
        OpenBSD OpenBSD 3.6

- 漏洞信息

OpenBSD isakmpd ipsec Credential Local DoS
Local Access Required Denial of Service
Loss of Availability
Exploit Unknown

- 漏洞描述

OpenBSD contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user sets IPSEC credentials on a socket, and will result in loss of availability for the platform.

- 时间线

2004-12-15 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, OpenBSD has released a patch to address this vulnerability.

- 相关参考

- 漏洞作者

Unknown or Incomplete