CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2007/12/13 12:0 a.m.•24 views

SuSE 10 Security Update : ipsec-tools (ZYPP Patch Number 3099)

A bug in the IKE daemon 'racoon' allowed remote attackers shut down established tunnels. CVE-2007-1841 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid29466;...

Tenable Nessus•added 2007/11/10 12:0 a.m.•20 views

Ubuntu 5.10 / 6.06 LTS / 6.10 : ipsec-tools vulnerability (USN-450-1)

A flaw was discovered in the IPSec key exchange server 'racoon'. Remote attackers could send a specially crafted packet and disrupt established IPSec tunnels, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu...

Tenable Nessus•added 2007/10/17 12:0 a.m.•21 views

openSUSE 10 Security Update : ipsec-tools (ipsec-tools-3098)

A bug in the IKE daemon 'racoon' allowed remote attackers shut down established tunnels CVE-2007-1841. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update ipsec-tools-3098. The text description of...

Fedora•added 2007/08/27 2:27 p.m.•25 views

Exploits0References1

[SECURITY] Fedora Core 6 Update: ipsec-tools-0.6.5-8.fc6

This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon...

4.3CVSS1.9AI score0.02851EPSS

Oracle linux•added 2007/06/26 12:0 a.m.•36 views

Moderate: ipsec-tools security update

0.6.5-8 - Upstream fix for Racoon DOS, informational delete must be encrypted - Resolves: rhbz235388 - CVE-2007-1841 ipsec-tools racoon DoS 0.6.5-7 - Resolves: 218386 labeled ipsec does not work over loopback 0.6.5-6.6 - Related: 232508 add auditing to racoon 0.6.5-6.5 - Resolves: 235680 racoon...

4.3CVSS1.3AI score0.02851EPSS

Tenable Nessus•added 2007/06/08 12:0 a.m.•25 views

Debian DSA-1299-1 : ipsec-tools - missing input sanitising

It was discovered that a specially crafted packet sent to the racoon ipsec key exchange server could cause a tunnel to crash, resulting in a denial of service. The oldstable distribution sarge isn't affected by this problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...

Debian•added 2007/06/07 5:52 p.m.•19 views

[SECURITY] [DSA 1299-1] New ipsec-tools packages fix denial of service

--------------------------------------------------------------------------- Debian Security Advisory DSA 1299-1 [email protected] http://www.debian.org/security/ dann frazier June 7th, 2007 http://www.debian.org/security/faq -...

4.3CVSS6AI score0.04544EPSS

Exploits1

Tenable Nessus•added 2007/05/25 12:0 a.m.•26 views

RHEL 5 : ipsec-tools (RHSA-2007:0342)

Updated ipsec-tools packages that fix a denial of service flaw in racoon are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionali...

4.3CVSS5.2AI score0.02851EPSS

Exploits0References3

RedHat Linux•added 2007/05/17 2:17 p.m.•2 views

ipsec-tools racoon DoS

The isakmpinforecv function in src/racoon/isakmpinf.c in racoon in Ipsec-tools before 0.6.7 allows remote attackers to cause a denial of service tunnel crash via crafted 1 DELETE ISAKMPNPTYPED and 2 NOTIFY ISAKMPNPTYPEN messages...

4.3CVSS5.8AI score0.02851EPSS

Exploits0References4

RedHat Linux•added 2007/05/17 2:17 p.m.•21 views

Moderate: Red Hat Security Advisory: ipsec-tools security update

4.3CVSS5.7AI score0.02851EPSS

Tenable Nessus•added 2007/05/10 12:0 a.m.•30 views

GLSA-200705-09 : IPsec-Tools: Denial of Service

The remote host is affected by the vulnerability described in GLSA-200705-09 IPsec-Tools: Denial of Service The isakmpinforecv function in src/racoon/isakmpinf.c does not always check that DELETE ISAKMPNPTYPED and NOTIFY ISAKMPNPTYPEN packets are encrypted. Impact : A remote attacker could send a...

4.3CVSS5.5AI score0.02851EPSS

UbuntuCve•added 2007/05/08 11:19 p.m.•28 views

CVE-2007-2524

Cross-site scripting XSS vulnerability in index.pl in Open Ticket Request System OTRS 2.0.x allows remote attackers to inject arbitrary web script or HTML via the Subaction parameter in an AgentTicketMailbox Action. NOTE: DEBIAN:DSA-1299 originally used this identifier for an ipsec-tools issue, b...

4.3CVSS6AI score0.04544EPSS

Exploits1References1

Cvelist•added 2007/05/08 11:0 p.m.•27 views

CVE-2007-2524

5.5AI score0.04544EPSS

Exploits1References14

Gentoo Linux•added 2007/05/08 12:0 a.m.•31 views

IPsec-Tools: Denial of service

Background IPsec-Tools is a port of KAME's implementation of the IPsec utilities. It contains a collection of network monitoring tools, including racoon, ping, and ping6. Description The isakmpinforecv function in src/racoon/isakmpinf.c does not always check that DELETE ISAKMPNPTYPED and NOTIFY...

4.3CVSS6.3AI score0.02851EPSS

Tenable Nessus•added 2007/04/19 12:0 a.m.•23 views

Mandrake Linux Security Advisory : ipsec-tools (MDKSA-2007:084)

The ipsec-tools package prior to version 0.6.7 allows remote attackers to cause a Denial of Service tunnel crash via crafted DELTE and NOTIFY messages. Updated packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

4.3CVSS5.4AI score0.02851EPSS

Exploits0References1

UbuntuCve•added 2007/04/10 10:19 p.m.•21 views

CVE-2007-1841

4.3CVSS6AI score0.02851EPSS