Filtered by vendor Kame Subscriptions
Total 8 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2008-2464 3 Freebsd, Kame, Netbsd 3 Freebsd, Kame, Netbsd 2024-11-21 N/A
The mld_input function in sys/netinet6/mld6.c in the kernel in NetBSD 4.0, FreeBSD, and KAME, when INET6 is enabled, allows remote attackers to cause a denial of service (divide-by-zero error and panic) via a malformed ICMPv6 Multicast Listener Discovery (MLD) query with a certain Maximum Response Delay value.
CVE-2008-0177 1 Kame 1 Ipcomp 2024-11-21 N/A
The ipcomp6_input function in sys/netinet6/ipcomp_input.c in the KAME project before 20071201 does not properly check the return value of the m_pulldown function, which allows remote attackers to cause a denial of service (system crash) via an IPv6 packet with an IPComp header.
CVE-2005-0398 6 Altlinux, Ipsec-tools, Kame and 3 more 7 Alt Linux, Ipsec-tools, Racoon and 4 more 2024-11-20 N/A
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
CVE-2004-0607 3 Ipsec-tools, Kame, Redhat 4 Ipsec-tools, Racoon, Enterprise Linux and 1 more 2024-11-20 N/A
The eay_check_x509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication.
CVE-2004-0403 2 Kame, Redhat 2 Racoon, Enterprise Linux 2024-11-20 N/A
Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.
CVE-2004-0392 1 Kame 1 Racoon 2024-11-20 N/A
racoon before 20040407b allows remote attackers to cause a denial of service (infinite loop and dropped connections) via an IKE message with a malformed Generic Payload Header containing invalid (1) "Security Association Next Payload" and (2) "RESERVED" fields.
CVE-2004-0164 2 Kame, Redhat 2 Racoon, Enterprise Linux 2024-11-20 N/A
KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.
CVE-2004-0155 2 Kame, Redhat 2 Racoon, Enterprise Linux 2024-11-20 N/A
The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate.