351 matches found
RHEL 5 : ipsec-tools (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ipsec-tools: Parsing and storing ISAKMP fragments in malicious order can exhaust resources CVE-2016-10396...
RHEL 4 : ipsec-tools (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ipsec-tools: multiple memory leaks fixed in 0.7.2 CVE-2009-1632 Note that Nessus has not tested for this issue but...
RHEL 5 : ipsec-tools (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ipsec-tools: Parsing and storing ISAKMP fragments in malicious order can exhaust resources CVE-2016-10396 Note that...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by a vulnerability in IPsec-Tools (CVE-2016-10396)
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerability in IPsec-Tools. Vulnerability Details CVEID: CVE-2016-10396 DESCRIPTION: IPsec-Tools is vulnerable to a denial of service, caused by a flaw in the racoon daemon. By repeatedly sending ISAKMP fragment...
Security Bulletin: Vulnerability in IPSec-Tools affects IBM Integrated Management Module II (IMM2)
Summary IBM Integrated Management Module II IMM2 has addressed the following vulnerability in IPSec-Tools. Vulnerability Details CVEID: CVE-2016-10396 DESCRIPTION: IPsec-Tools is vulnerable to a denial of service, caused by a flaw in the racoon daemon. By repeatedly sending ISAKMP fragment packet...
Debian: Security Advisory (DLA-234-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K15452143: IPsec-Tools (racoon) vulnerability CVE-2004-0607
Security Advisory Description The eaycheckx509cert function in KAME Racoon successfully verifies certificates even when OpenSSL validation fails, which could allow remote attackers to bypass authentication. CVE-2004-0607 Impact There is no impact; F5 products are not affected by this vulnerabilit...
SUSE CVE-2005-0398
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service crash via malformed ISAKMP packets...
SUSE CVE-2005-3732
The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service null dereference and crash via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for...
SUSE CVE-2008-3651
Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service memory consumption via invalid proposals...
SUSE CVE-2008-3652
src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" phase 1 handle when it has been initiated remotely, which allows remote attackers to cause a denial of service resource consumption...
SUSE CVE-2009-1574
racoon/isakmpfrag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service crash via crafted fragmented packets without a payload, which triggers a NULL pointer dereference...
SUSE CVE-2009-1632
Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service memory consumption via vectors involving 1 signature verification during user authentication with X.509 certificates, related to the eaycheckx509sign function in src/racoon/cryptoopenssl.c; and 2...
SUSE CVE-2015-4047
racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests...
SUSE CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
Ubuntu: Security Advisory (USN-3482-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-107-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2015-0243)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2018-0010)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:1367-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...