ipsec-tools -- remotely exploitable computational-complexity attack

ID 974A6D32-3FDA-11E8-AEA4-001B216D295B
Type freebsd
Reporter FreeBSD
Modified 2016-12-02T00:00:00


Robert Foggia via NetBSD GNATS reports:

The ipsec-tools racoon daemon contains a remotely exploitable computational complexity attack when parsing and storing isakmp fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending isakmp fragment packets in a particular order such that the worst-case computational complexity is realized in the algorithm utilized to determine if reassembly of the fragments can take place.