CVE-2008-3651

Published Aug 13, 2008

Last updated 2 years ago

Overview

Description: Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-200

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:linux:ipsec_tools_racoon_daemon:0.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0A69277A-A538-4875-9140-D1B568A63681"
          },
          {
            "criteria": "cpe:2.3:a:linux:ipsec_tools_racoon_daemon:0.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2347ADA0-96EB-4459-8AFB-82390B710430"
          },
          {
            "criteria": "cpe:2.3:a:linux:ipsec_tools_racoon_daemon:0.3.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22FC05B8-0779-40E5-B914-0E74A3E96E3E"
          },
          {
            "criteria": "cpe:2.3:a:linux:ipsec_tools_racoon_daemon:0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C9A27FF-7B8E-4069-8550-B2646F5F8692"
          },
          {
            "criteria": "cpe:2.3:a:linux:ipsec_tools_racoon_daemon:0.5.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB3E11FE-1F19-4816-BF99-EE192A361E06"
          },
          {
            "criteria": "cpe:2.3:a:linux:ipsec_tools_racoon_daemon:0.5.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6F785F17-6BE9-4014-9793-3D9ADC1DB15C"
          },
          {
            "criteria": "cpe:2.3:a:linux:ipsec_tools_racoon_daemon:0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D334F8D-A40B-43F5-B8E8-FB6188C0ABC9"
          },
          {
            "criteria": "cpe:2.3:a:linux:ipsec_tools_racoon_daemon:0.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "937B89D2-D73A-43A6-9278-5232EC59C7CD"
          },
          {
            "criteria": "cpe:2.3:a:linux:ipsec_tools_racoon_daemon:0.6.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0DC8E64E-8806-495A-8D20-4B3527F99F46"
          },
          {
            "criteria": "cpe:2.3:a:linux:ipsec_tools_racoon_daemon:0.6.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1980469E-207B-46FA-B921-6D3A188E2C01"
          },
          {
            "criteria": "cpe:2.3:a:linux:ipsec_tools_racoon_daemon:0.6.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6CD9290-6AA1-43B1-B903-BD8957DF37E9"
          },
          {
            "criteria": "cpe:2.3:a:linux:ipsec_tools_racoon_daemon:0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DCA860C-0E18-4CEE-88D8-11C475FBB393"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References