351 matches found
CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
CVE-2016-10396
CVE-2016-10396 affects IPsec-Tools 0.8.2’s racoon daemon. A remote attacker can exhaust the remote endpoint’s resources by repeatedly sending ISAKMP fragment packets in a specific order, triggering a worst-case computational complexity in fragment reassembly (DoS). The NVD CVSSv3 base score is 7....
CVE-2016-10396
Removed by vendor...
UBUNTU-CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
ipsec-tools -- remotely exploitable computational-complexity attack
Robert Foggia via NetBSD GNATS reports: The ipsec-tools racoon daemon contains a remotely exploitable computational complexity attack when parsing and storing isakmp fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly...
Oracle: Security Advisory (ELSA-2008-0849)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2009-1036)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2007-0342)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : ipsec-tools (SUSE-SU-2015:1367-1)
ipsec-tools was updated to fix one security issue and a bug. This security issue was fixed : - CVE-2015-4047: racoon/gssapi.c in ipsec-tools allowed remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests bsc931989. Due to a...
SUSE-SU-2015:1367-1 Security update for ipsec-tools
ipsec-tools was updated to fix one security issue and a bug. This security issue was fixed: - CVE-2015-4047: racoon/gssapi.c in ipsec-tools allowed remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests bsc931989. Due to a...
Fedora 20 : ipsec-tools-0.8.2-1.fc20 (2015-8968)
Upgraded to 0.8.2, fix for CVE-2015-4047, support for Calling-Station-Id Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 21 : ipsec-tools-0.8.2-1.fc21 (2015-8948)
Upgraded to 0.8.2, fix for CVE-2015-4047, support for Calling-Station-Id Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Ubuntu: Security Advisory (USN-2623-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for ipsec-tools FEDORA-2015-8948
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for ipsec-tools FEDORA-2015-8968
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2015-0243 Updated ipsec-tools packages fix CVE-2015-4047
Updated ipsec-tools packages fix security vulnerability: Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker can use this flaw to cause the IKE daemon to crash via specially crafted UDP packets, resulting in a denial of...
Updated ipsec-tools packages fix CVE-2015-4047
Updated ipsec-tools packages fix security vulnerability: Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker can use this flaw to cause the IKE daemon to crash via specially crafted UDP packets, resulting in a denial of...
[SECURITY] Fedora 20 Update: ipsec-tools-0.8.2-1.fc20
This package contains tools necessary for establishing keys for IPSEC connections including the rekeying during the connection lifetime. The main tools of this package are: - setkey, a program to directly manipulate policies and SAs in the kernel - racoon, an IKEv1 keying daemon...
Ubuntu 12.04 LTS : ipsec-tools vulnerability (USN-2623-1)
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain UDP packets. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the...