279 matches found
SUSE-SU-2018:0424-1 Security update for ipsec-tools
This update for ipsec-tools fixes one issue. This security issue was fixed: - CVE-2016-10396: The racoon daemon contained a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments that allowed a remote attacker to exhaust computational resources on the remot...
Debian: Security Advisory (DLA-1044-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2018-0010 Updated ipsec-tools packages fix security vulnerability
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain ISAKMP fragments. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service CVE-2016-10396...
Updated ipsec-tools packages fix security vulnerability
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain ISAKMP fragments. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service CVE-2016-10396...
USN-3482-1: ipsec-tools vulnerability
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain ISAKMP fragments. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service...
CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
Design/Logic Flaw
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
CVE-2016-10396
CVE-2016-10396 affects IPsec-Tools 0.8.2’s racoon daemon. A remote attacker can exhaust the remote endpoint’s resources by repeatedly sending ISAKMP fragment packets in a specific order, triggering a worst-case computational complexity in fragment reassembly (DoS). The NVD CVSSv3 base score is 7....
CVE-2016-10396
Removed by vendor...
UBUNTU-CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
CVE-2016-10396
The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending ISAKMP fragment packets in...
ipsec-tools -- remotely exploitable computational-complexity attack
Robert Foggia via NetBSD GNATS reports: The ipsec-tools racoon daemon contains a remotely exploitable computational complexity attack when parsing and storing isakmp fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly...
SUSE-SU-2015:1367-1 Security update for ipsec-tools
ipsec-tools was updated to fix one security issue and a bug. This security issue was fixed: - CVE-2015-4047: racoon/gssapi.c in ipsec-tools allowed remote attackers to cause a denial of service NULL pointer dereference and IKE daemon crash via a series of crafted UDP requests bsc931989. Due to a...
Ubuntu: Security Advisory (USN-2623-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated ipsec-tools packages fix CVE-2015-4047
Updated ipsec-tools packages fix security vulnerability: Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker can use this flaw to cause the IKE daemon to crash via specially crafted UDP packets, resulting in a denial of...
[SECURITY] Fedora 21 Update: ipsec-tools-0.8.2-1.fc21
This package contains tools necessary for establishing keys for IPSEC connections including the rekeying during the connection lifetime. The main tools of this package are: - setkey, a program to directly manipulate policies and SAs in the kernel - racoon, an IKEv1 keying daemon...
[SECURITY] Fedora 20 Update: ipsec-tools-0.8.2-1.fc20
This package contains tools necessary for establishing keys for IPSEC connections including the rekeying during the connection lifetime. The main tools of this package are: - setkey, a program to directly manipulate policies and SAs in the kernel - racoon, an IKEv1 keying daemon...
Ubuntu 12.04 LTS : ipsec-tools vulnerability (USN-2623-1)
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain UDP packets. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the...
USN-2623-1: ipsec-tools vulnerability
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain UDP packets. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service...