Intrusion Prevention

OpenBSD.ISAKMPD.Zero.Payload.Length.DoS

Description

This indicates an attack attempt against a denial-of-service vulnerability in OpenBSD.
The vulnerability is caused by an error when the vulnerable software handles an ISAKMP packet with a zero-length payload. It allows a remote attacker to cause a denial of service via sending a crafted ISAKMP packet.

Affected Products

OpenBSD Project: OpenBSD 3.3
OpenBSD Project: OpenBSD 3.4

Impact

Denial of Service

Recommended Actions

For OpenBSD 3.4:
Apply the 015_isakmpd2.patch, available from the OpenBSD 3.4 errata web site. See References.
For OpenBSD 3.3:
Apply the 020_isakmpd2.patch, available from the OpenBSD 3.4 errata web site. See References.

CVE References

CVE-2004-0218