Kame » Racoon » 2004-04-05 : Security Vulnerabilities, CVEs,
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
Max CVSS
5.0
EPSS Score
3.86%
Published
2005-03-14
Updated
2017-10-11
The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.
Max CVSS
10.0
EPSS Score
93.34%
Published
2004-12-06
Updated
2017-10-11
Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.
Max CVSS
5.0
EPSS Score
8.95%
Published
2004-06-01
Updated
2017-10-11
racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields.
Max CVSS
5.0
EPSS Score
1.19%
Published
2004-06-14
Updated
2017-07-11
4 vulnerabilities found