351 matches found
CVE-2007-1841
The isakmpinforecv function in src/racoon/isakmpinf.c in racoon in Ipsec-tools before 0.6.7 allows remote attackers to cause a denial of service tunnel crash via crafted 1 DELETE ISAKMPNPTYPED and 2 NOTIFY ISAKMPNPTYPEN messages...
CVE-2007-1841
CVE-2007-1841 affects ipsec-tools’ racoon daemon, where the function isakmp_info_recv in racoon/src/racoon/isakmp_inf.c can be triggered by crafted DELETE (ISAKMP_NPTYPE_D) or NOTIFY (ISAKMP_NPTYPE_N) messages to cause a denial of service (tunnel crash). Affected releases are ipsec-tools prior to...
CVE-2007-1841
Removed by vendor...
MDKA-2006:034 : ipsec-tools
IPsec-Tools1 is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation. This update fixes a few issues and introduces new functionalities to the package provided for Mandriva 2006 users: - fixed tunnel mode connection 19460 2 - fixed GSSAPI build - version update: 0.6.6 - enabled...
Debian DSA-965-1 : ipsec-tools - null dereference
The Internet Key Exchange version 1 IKEv1 implementation in racoon from ipsec-tools, IPsec tools for Linux, try to dereference a NULL pointer under certain conditions which allows a remote attacker to cause a denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...
CentOS 3 / 4 : ipsec-tools (CESA-2006:0267)
Updated ipsec-tools packages that fix a bug in racoon are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel and includes racoon, an IKE...
RHEL 3 / 4 : ipsec-tools (RHSA-2006:0267)
Updated ipsec-tools packages that fix a bug in racoon are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel and includes racoon, an IKE...
ipsec security update
CentOS Errata and Security Advisory CESA-2006:0267 Updated ipsec-tools packages that fix a bug in racoon are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec...
Moderate: Red Hat Security Advisory: ipsec-tools security update
Updated ipsec-tools packages that fix a bug in racoon are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel and includes racoon, an IKE...
security flaw
The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in racoon in ipsec-tools before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service null dereference and crash via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for...
[SECURITY] [DSA 965-1] New ipsec-tools packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 965-1 [email protected] http://www.debian.org/security/ Martin Schulze February 6th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 965-1] New ipsec-tools packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 965-1 [email protected] http://www.debian.org/security/ Martin Schulze February 6th, 2006 http://www.debian.org/security/faq -...
DSA-965-1 ipsec-tools - null dereference
Bulletin has no description...
Mandrake Linux Security Advisory : ipsec-tools (MDKSA-2006:020)
The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in ipsec-tools racoon before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service null dereference and crash via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for...
Ubuntu 4.10 / 5.04 / 5.10 : ipsec-tools vulnerability (USN-221-1)
The Oulu University Secure Programming Group discovered a remote Denial of Service vulnerability in the racoon daemon. When the daemon is configured to use aggressive mode, then it did not check whether the peer sent all required payloads during the IKE negotiation phase. A malicious IPsec peer...
Ubuntu 4.10 : ipsec-tools vulnerability (USN-107-1)
Sebastian Krahmer discovered a Denial of Service vulnerability in the racoon daemon. By sending specially crafted ISAKMP packets, a remote attacker could trigger a buffer overflow which caused racoon to crash. This update does not introduce any source code changes affecting the ipsec-tools packag...
SUSE-SA:2005:070: ipsec-tools,freeswan,openswan
The remote host is missing the patch for the advisory SUSE-SA:2005:070 ipsec-tools,freeswan,openswan. Openswan, Freeswan and raccoon ipsec-tools have been updated to fix crashes in aggressive mode. An attacker might send specially crafted packets that can crash racoon or Pluto. The ipsec-tools /...
GLSA-200512-04 : Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation
The remote host is affected by the vulnerability described in GLSA-200512-04 Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation The Oulu University Secure Programming Group OUSPG discovered that various ISAKMP implementations, including Openswan and racoon included in the...
Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation
Background Openswan is an implementation of IPsec for Linux. IPsec-Tools is a port of KAME's implementation of the IPsec utilities, including racoon, an Internet Key Exchange daemon. Internet Key Exchange version 1 IKEv1, a derivate of ISAKMP, is an important part of IPsec. IPsec is widely used t...
[SA17668] IPsec-Tools ISAKMP IKE Message Processing Denial of Service
TITLE: IPsec-Tools ISAKMP IKE Message Processing Denial of Service SECUNIA ADVISORY ID: SA17668 VERIFY ADVISORY: http://secunia.com/advisories/17668/ CRITICAL: Moderately critical IMPACT: DoS WHERE: From remote SOFTWARE: IPsec-Tools 0.x http://secunia.com/product/3352/ DESCRIPTION: A vulnerabilit...