Lucene search
K

351 matches found

NVD
NVD
added 2017/07/06 1:29 a.m.13 views

CVE-2016-10396

The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...

7.8CVSS7.4AI score0.02928EPSS
Exploits0References3
CVE
CVE
added 2017/07/06 1:0 a.m.69 views

CVE-2016-10396

CVE-2016-10396 affects IPsec-Tools 0.8.2’s racoon daemon. A remote attacker can exhaust the remote endpoint’s resources by repeatedly sending ISAKMP fragment packets in a specific order, triggering a worst-case computational complexity in fragment reassembly (DoS). The NVD CVSSv3 base score is 7....

7.8CVSS7.3AI score0.02928EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2017/07/06 1:0 a.m.28 views

CVE-2016-10396

Removed by vendor...

7.8CVSS7.7AI score0.02928EPSS
Exploits0
OSV
OSV
added 2017/07/05 12:0 a.m.2 views

UBUNTU-CVE-2016-10396

The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...

7.5CVSS7.1AI score0.02928EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2017/07/05 12:0 a.m.21 views

CVE-2016-10396

The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...

7.8CVSS6.9AI score0.02928EPSS
Exploits0References5
FreeBSD
FreeBSD
added 2016/12/02 12:0 a.m.25 views

ipsec-tools -- remotely exploitable computational-complexity attack

Robert Foggia via NetBSD GNATS reports: The ipsec-tools racoon daemon contains a remotely exploitable computational complexity attack when parsing and storing isakmp fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly...

7.8CVSS3.1AI score0.02928EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.21 views

Oracle: Security Advisory (ELSA-2008-0849)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.5AI score0.03435EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.27 views

Oracle: Security Advisory (ELSA-2009-1036)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.6AI score0.11631EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2015/10/08 12:0 a.m.22 views

Oracle: Security Advisory (ELSA-2007-0342)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.4AI score0.02851EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/08/13 12:0 a.m.18 views

SUSE SLES11 Security Update : ipsec-tools (SUSE-SU-2015:1367-1)

ipsec-tools was updated to fix one security issue and a bug. This security issue was fixed : - CVE-2015-4047: racoon/gssapi.c in ipsec-tools allowed remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests bsc931989. Due to a...

7.8CVSS7.3AI score0.09877EPSS
Exploits1References5
OSV
OSV
added 2015/08/06 10:4 a.m.6 views

SUSE-SU-2015:1367-1 Security update for ipsec-tools

ipsec-tools was updated to fix one security issue and a bug. This security issue was fixed: - CVE-2015-4047: racoon/gssapi.c in ipsec-tools allowed remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests bsc931989. Due to a...

7.8CVSS6.3AI score0.09877EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2015/06/09 12:0 a.m.25 views

Fedora 20 : ipsec-tools-0.8.2-1.fc20 (2015-8968)

Upgraded to 0.8.2, fix for CVE-2015-4047, support for Calling-Station-Id Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.8CVSS7.2AI score0.09877EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/06/09 12:0 a.m.24 views

Fedora 21 : ipsec-tools-0.8.2-1.fc21 (2015-8948)

Upgraded to 0.8.2, fix for CVE-2015-4047, support for Calling-Station-Id Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

7.8CVSS7.2AI score0.09877EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2015/06/09 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-2623-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.09877EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/06/09 12:0 a.m.20 views

Fedora Update for ipsec-tools FEDORA-2015-8948

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.09877EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/06/09 12:0 a.m.32 views

Fedora Update for ipsec-tools FEDORA-2015-8968

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.09877EPSS
Exploits1References2
OSV
OSV
added 2015/06/08 9:17 p.m.4 views

MGASA-2015-0243 Updated ipsec-tools packages fix CVE-2015-4047

Updated ipsec-tools packages fix security vulnerability: Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker can use this flaw to cause the IKE daemon to crash via specially crafted UDP packets, resulting in a denial of...

7.8CVSS6.3AI score0.09877EPSS
Exploits1References3
Mageia
Mageia
added 2015/06/08 9:17 p.m.25 views

Updated ipsec-tools packages fix CVE-2015-4047

Updated ipsec-tools packages fix security vulnerability: Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker can use this flaw to cause the IKE daemon to crash via specially crafted UDP packets, resulting in a denial of...

7.8CVSS6.2AI score0.09877EPSS
Exploits1References2
Fedora
Fedora
added 2015/06/05 11:46 p.m.24 views

[SECURITY] Fedora 20 Update: ipsec-tools-0.8.2-1.fc20

This package contains tools necessary for establishing keys for IPSEC connections including the rekeying during the connection lifetime. The main tools of this package are: - setkey, a program to directly manipulate policies and SAs in the kernel - racoon, an IKEv1 keying daemon...

7.8CVSS2AI score0.09877EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2015/06/02 12:0 a.m.25 views

Ubuntu 12.04 LTS : ipsec-tools vulnerability (USN-2623-1)

It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain UDP packets. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the...

7.8CVSS7.2AI score0.09877EPSS
Exploits1References2
Rows per page
Query Builder