RedHatRHSA-2009:1036(RHSA-2009:1036) Important: ipsec-tools security update
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.187 Low
EPSS
Percentile
95.7%
The ipsec-tools package is used in conjunction with the IPsec functionality
in the Linux kernel and includes racoon, an IKEv1 keying daemon.
A denial of service flaw was found in the ipsec-tools racoon daemon. An
unauthenticated, remote attacker could trigger a NULL pointer dereference
that could cause the racoon daemon to crash. (CVE-2009-1574)
Multiple memory leak flaws were found in the ipsec-tools racoon daemon. If
a remote attacker is able to make multiple connection attempts to the
racoon daemon, it was possible to cause the racoon daemon to consume all
available memory. (CVE-2009-1632)
Users of ipsec-tools should upgrade to this updated package, which contains
backported patches to correct these issues. Users must restart the racoon
daemon for this update to take effect.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 5 | src | ipsec-tools | < 0.6.5-13.el5_3.1 | ipsec-tools-0.6.5-13.el5_3.1.src.rpm |
| RedHat | 5 | s390x | ipsec-tools | < 0.6.5-13.el5_3.1 | ipsec-tools-0.6.5-13.el5_3.1.s390x.rpm |
| RedHat | 5 | x86_64 | ipsec-tools | < 0.6.5-13.el5_3.1 | ipsec-tools-0.6.5-13.el5_3.1.x86_64.rpm |
| RedHat | 5 | i386 | ipsec-tools | < 0.6.5-13.el5_3.1 | ipsec-tools-0.6.5-13.el5_3.1.i386.rpm |
| RedHat | 5 | ia64 | ipsec-tools | < 0.6.5-13.el5_3.1 | ipsec-tools-0.6.5-13.el5_3.1.ia64.rpm |
| RedHat | 5 | ppc | ipsec-tools | < 0.6.5-13.el5_3.1 | ipsec-tools-0.6.5-13.el5_3.1.ppc.rpm |
Related
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.187 Low
EPSS
Percentile
95.7%