CentOS 3 / 4 / 5 : ipsec-tools (CESA-2008:0849)

An updated ipsec-tools package that fixes two security issues is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionalit...

RHEL 3 / 4 / 5 : ipsec-tools (RHSA-2008:0849)

An updated ipsec-tools package that fixes two security issues is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionalit...

ipsec-tools: racoon orphaned ph1s memory leak

src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" phase 1 handle when it has been initiated remotely, which allows remote attackers to cause a denial of service resource consumption...

Important: Red Hat Security Advisory: ipsec-tools security update

An updated ipsec-tools package that fixes two security issues is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionalit...

ipsec-tools: racoon memory leak caused by invalid proposals

Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service memory consumption via invalid proposals...

CVE-2008-3651

Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service memory consumption via invalid proposals...

Memory corruption

Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service memory consumption via invalid proposals...

CVE-2008-3652

src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" phase 1 handle when it has been initiated remotely, which allows remote attackers to cause a denial of service resource consumption...

CVE-2008-3652

src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" phase 1 handle when it has been initiated remotely, which allows remote attackers to cause a denial of service resource consumption...

CVE-2008-3651

Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service memory consumption via invalid proposals...

CVE-2008-3652

CVE-2008-3652 is described in the connected MiracleLinux advisory as a vulnerability in ipsec-tools’ racoon daemon where an remote-initiated phase 1 handle (ph1) is not removed, enabling a denial of service via resource consumption. The affected component is the racoon part of ipsec-tools; the ro...

CVE-2008-3651

CVE-2008-3651 is a memory-leak DoS flaw in the ipsec-tools racoon daemon. Affected component: racoon/proposal.c in ipsec-tools up to version 0.7.1. Root cause: memory leaks that can be triggered by invalid proposals, allowing remote authenticated users to exhaust memory and cause a denial of serv...

CVE-2008-3651

Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service memory consumption via invalid proposals...

CVE-2008-3652

src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" phase 1 handle when it has been initiated remotely, which allows remote attackers to cause a denial of service resource consumption...

CVE-2008-3652

Removed by vendor...

CVE-2008-3651

Removed by vendor...

PT-2008-1042 · Ipsec Tools +1 · Ipsec-Tools +1

Name of the Vulnerable Software and Affected Versions: ipsec-tools versions prior to 0.7.1 ipsec-tools version 0.3.3 ipsec-tools version 0.2.5 Description: The issue is related to multiple vulnerabilities in the ipsec-tools package, which can lead to a disruption of protected information...

ipset-tools -- Denial of Service Vulnerabilities

SecurityFocus reports: IPsec-Tools is affected by multiple remote denial-of-service vulnerabilities because the software fails to properly handle certain network packets. A successful attack allows a remote attacker to crash the software, denying further service to legitimate users...

openSUSE 10 Security Update : novell-ipsec-tools (novell-ipsec-tools-4655)

This update fixes a security problem in novell-ipsec-tools : CVE-2007-1841: Fix a DoS in isakmpinforecv and also a non-security bug with a crash in GSSAPI. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

Debian Security Advisory DSA 965-1 (ipsec-tools)

The remote host is missing an update to ipsec-tools announced via advisory DSA 965-1. The Internet Key Exchange version 1 IKEv1 implementation in racoon from ipsec-tools, IPsec tools for Linux, try to dereference a NULL pointer under certain conditions which allows a remote attacker to cause a...