CVE-2003-1320

SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload.

Published: Dec 31, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-1320
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

CWEs:

CWE-399

Affected Software
References

Software	From	Fixed in
sonicwall / firmware	-	6.4.0.1.x

http://www.kb.cert.org/vuls/id/287771
http://www.kb.cert.org/vuls/id/AAMN-5L74VD

Vulnerability Database

290,020

CVE-2003-1320