JVNVU#725401
Striker テストツールについて
Striker テストツールによりいくつかの脆弱性が確認されています。
VU#223273
Integer underflow vulnerability in isakmpd "Certificate Request Payload" handling
VU#996177
Multiple memory leak vulnerabilities in isakmpd
VU#349113
isakmpd fails to handle ISAKMP packets with "Payload Length" of zero
VU#524497
isakmpd crashes when handling ISAKMP packets with malformed "Delete Payload"
VU#785945
isakmpd crashes when handling ISAKMP packets with malformed "Security Association Payload"
VU#432097
Novell Bordermanager VPN Service denial-of-service vulnerability
VU#492558
tcpdump contains integer underflow vulnerability in ISAKMP "Identification Payload" handling
VU#240790
tcpdump contains buffer overflow vulnerability in ISAKMP "Delete Payload" handling
Striker テストツールは Rapid 7より配布されています。
ツール入手法についての詳細は advisory@rapid7.com へお問合せください。
想定される影響は個々の脆弱性により異なります。
-
Rapid7 Security Advisory R7-0018
OpenBSD isakmpd payload handling denial-of-service vulnerabilities -
Rapid7 Security Advisory R7-0017
TCPDUMP ISAKMP payload handling denial-of-service vulnerabilities -
US-CERT Vulnerability Note VU#223273
Integer underflow vulnerability in isakmpd "Certificate Request Payload" handling -
US-CERT Vulnerability Note VU#996177
Multiple memory leak vulnerabilities in isakmpd -
US-CERT Vulnerability Note VU#349113
isakmpd fails to handle ISAKMP packets with "Payload Length" of zero -
US-CERT Vulnerability Note VU#524497
isakmpd crashes when handling ISAKMP packets with malformed "Delete Payload" -
US-CERT Vulnerability Note VU#785945
isakmpd crashes when handling ISAKMP packets with malformed "Security Association Payload" -
US-CERT Vulnerability Note VU#432097
Novell Bordermanager VPN Service denial-of-service vulnerability -
US-CERT Vulnerability Note VU#492558
tcpdump contains integer underflow vulnerability in ISAKMP "Identification Payload" handling -
US-CERT Vulnerability Note VU#240790
tcpdump contains buffer overflow vulnerability in ISAKMP "Delete Payload" handling -
ISS X-Force Database: openbsd-isakmp-integer-underflow (15629)
OpenBSD ISAKMP Cert Request payload integer underflow -
ISS X-Force Database: openbsd-isakmp-memory-leak (15519)
OpenBSD ISAKMP memory leak -
ISS X-Force Database: openbsd-isakmp-delete-dos (15630)
OpenBSD ISAKMP delete payload denial of service -
ISS X-Force Database: openbsd-isakmp-zerolength-dos (15518)
OpenBSD ISAKMP zero-length payload denial of service -
ISS X-Force Database: openbsd-isakmp-ipsec-dos (15628)
OpenBSD ISAKMP IPSEC SA payload denial of service -
ISS X-Force Database: tcpdump-isakmp-integer-underflow (15679)
tcpdump ISAKMP packet integer underflow -
ISS X-Force Database: tcpdump-isakmp-delete-bo (15680)
tcpdump ISAKMP packet delete payload buffer overflow
JPCERT 緊急報告 | |
JPCERT REPORT | |
CERT Advisory | |
CPNI Advisory | |
TRnotes | |
CVE |
CAN-2004-0220 VU#223273,XF15629 |
JVN iPedia |