CVE-2004-0164
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2004-0164
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
KAME IKE daemon (racoon) does not properly handle hash values, which allows remote attackers to delete certificates via (1) a certain delete message that is not properly handled in isakmp.c or isakmp_inf.c, or (2) a certain INITIAL-CONTACT message that is not properly handled in isakmp_inf.c.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
KAME Racoon 畸形消息删除SA漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
racoon是KAME的IKE守护程序。 racoon存在安全问题,远程攻击者可以利用这个漏洞未授权删除IPsec的SAs。 当racoon接收到包含没有设置ISAKMP安全关联(SAs)的main/aggressive/base模式初始cookie的删除消息,会使攻击者未授权删除所有Ipsec(和ISAKMP)SAs。 同样的使用INITIAL-CONTACT请求消息可不需要Hash负载以删除所有IPsec SAs相关的目的地址。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2004-0164
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2004-0164
Please Login to view more intelligence information
- ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-001.txt.ascvendor-advisoryx_refsource_NETBSD
- http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.htmlvendor-advisoryx_refsource_APPLE
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A947vdb-entrysignaturex_refsource_OVAL
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9737vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2004-0164
Same Patch Batch · n/a · 2004-02-19 · 6 CVEs total
| CVE-2003-0441 | Orville-Write多个未明缓冲区溢出漏洞 | |
| CVE-2004-0010 | Linux Kernel NCPFS ncp_lookup()未明本地权限提升漏洞 | |
| CVE-2004-0097 | 多家厂商H.323协议实现多个安全漏洞 | |
| CVE-2004-0104 | Metamail多个缓冲区溢出/格式串处理漏洞 | |
| CVE-2004-0105 | Metamail多个缓冲区溢出/格式串处理漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2004-0164
No comments yet