CVE-2004-0220

Name of the Vulnerable Software and Affected Versions OpenBSD versions 3.4 and earlier

Description The issue allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload. This payload causes an integer underflow that is used in a malloc operation, which is not properly handled.

Recommendations For OpenBSD versions 3.4 and earlier, update to a version later than 3.4 to resolve the issue. As a temporary workaround, consider restricting access to the ISAKMP protocol to minimize the risk of exploitation.