FreeBSD Ports: isakmpd

The remote host is missing an update to the system as announced in the referenced advisory.

The following package is affected: isakmpd CVE-2004-0218 isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite loop) via an ISAKMP packet with a zero-length payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. CVE-2004-0219 isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite. CVE-2004-0220 isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via a an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, , as demonstrated by the Striker ISAKMP Protocol Test Suite. CVE-2004-0221 isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite. CVE-2004-0222 Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Update your system with the appropriate patches or software upgrades. http://www.rapid7.com/advisories/R7-0018.html http://www.openbsd.org/errata34.html http://www.vuxml.org/freebsd/b7cb488c-8349-11d8-a41f-0020ed76ef5a.html