7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.099 Low
EPSS
Percentile
94.7%
CentOS Errata and Security Advisory CESA-2008:0849
The ipsec-tools package is used in conjunction with the IPsec functionality
in the Linux kernel and includes racoon, an IKEv1 keying daemon.
Two denial of service flaws were found in the ipsec-tools racoon daemon. It
was possible for a remote attacker to cause the racoon daemon to consume
all available memory. (CVE-2008-3651, CVE-2008-3652)
Users of ipsec-tools should upgrade to this updated package, which contains
backported patches that resolve these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2008-August/077369.html
https://lists.centos.org/pipermail/centos-announce/2008-August/077370.html
https://lists.centos.org/pipermail/centos-announce/2008-August/077377.html
https://lists.centos.org/pipermail/centos-announce/2008-August/077378.html
https://lists.centos.org/pipermail/centos-announce/2008-August/077384.html
https://lists.centos.org/pipermail/centos-announce/2008-August/077386.html
https://lists.centos.org/pipermail/centos-announce/2008-August/077388.html
https://lists.centos.org/pipermail/centos-announce/2008-August/077390.html
Affected packages:
ipsec-tools
Upstream details at:
https://access.redhat.com/errata/RHSA-2008:0849
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 3 | i386 | ipsec-tools | < 0.2.5-0.7.rhel3.5 | ipsec-tools-0.2.5-0.7.rhel3.5.i386.rpm |
CentOS | 3 | x86_64 | ipsec-tools | < 0.2.5-0.7.rhel3.5 | ipsec-tools-0.2.5-0.7.rhel3.5.x86_64.rpm |
CentOS | 5 | i386 | ipsec-tools | < 0.6.5-9.el5_2.3 | ipsec-tools-0.6.5-9.el5_2.3.i386.rpm |
CentOS | 5 | x86_64 | ipsec-tools | < 0.6.5-9.el5_2.3 | ipsec-tools-0.6.5-9.el5_2.3.x86_64.rpm |
CentOS | 3 | ia64 | ipsec-tools | < 0.2.5-0.7.rhel3.5 | ipsec-tools-0.2.5-0.7.rhel3.5.ia64.rpm |
CentOS | 4 | ia64 | ipsec-tools | < 0.3.3-7.c4 | ipsec-tools-0.3.3-7.c4.ia64.rpm |
CentOS | 3 | s390 | ipsec-tools | < 0.2.5-0.7.rhel3.5 | ipsec-tools-0.2.5-0.7.rhel3.5.s390.rpm |
CentOS | 3 | s390x | ipsec-tools | < 0.2.5-0.7.rhel3.5 | ipsec-tools-0.2.5-0.7.rhel3.5.s390x.rpm |
CentOS | 4 | s390 | ipsec-tools | < 0.3.3-7.c4 | ipsec-tools-0.3.3-7.c4.s390.rpm |
CentOS | 4 | s390x | ipsec-tools | < 0.3.3-7.c4 | ipsec-tools-0.3.3-7.c4.s390x.rpm |