GLSA Bodhisattva
Joined: 17 Apr 2002 Posts: 2602 Location: Baltimore, MD
|
Posted: Fri Mar 25, 2005 6:48 pm Post subject: [ GLSA 200503-33 ] IPsec-Tools: racoon Denial of Service |
|
|
Gentoo Linux Security Advisory
Title: IPsec-Tools: racoon Denial of Service (GLSA 200503-33)
Severity: normal
Exploitable: remote
Date: March 25, 2005
Bug(s): #84479
ID: 200503-33
Synopsis
IPsec-Tools' racoon is affected by a remote Denial of Service vulnerability.
Background
IPsec-Tools is a port of KAME's implementation of the IPsec utilities. It contains a collection of network monitoring tools, including racoon, ping, and ping6.
Affected Packages
Package: net-firewall/ipsec-tools
Vulnerable: < 0.5-r1
Unaffected: >= 0.4-r1 < 0.5
Unaffected: >= 0.5-r1
Architectures: All supported architectures
Description
Sebastian Krahmer has reported a potential remote Denial of Service vulnerability in the ISAKMP header parsing code of racoon.
Impact
An attacker could possibly cause a Denial of Service of racoon using a specially crafted ISAKMP packet.
Workaround
There is no known workaround at this time.
Resolution
All IPsec-Tools users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/ipsec-tools-0.4-r1" |
References
CAN-2005-0398
ipsec-tools-devel posting
Last edited by GLSA on Sun May 07, 2006 4:55 pm; edited 1 time in total |
|