CentOS Errata and Security Advisory CESA-2007:0342
The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel and includes racoon, an IKEv1 keying daemon.
A denial of service flaw was found in the ipsec-tools racoon daemon. It was possible for a remote attacker, with knowledge of an existing ipsec tunnel, to terminate the ipsec connection between two machines. (CVE-2007-1841)
Users of ipsec-tools should upgrade to these updated packages, which contain a backported patch that resolves this issue.
Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2007-May/013804.html http://lists.centos.org/pipermail/centos-announce/2007-May/013805.html
Affected packages: ipsec-tools
Upstream details at: https://rhn.redhat.com/errata/RHSA-2007-0342.html