351 matches found
Mandrake Linux Security Advisory : ipsec-tools (MDKSA-2004:027)
A very serious security flaw was discovered by Ralf Spenneberg in racoon, the IKE daemon of the KAME-tools. Racoon does not verify the RSA signature during phase one of a connection using either main or aggressive mode. Only the certificate of the client is verified; the certificate is not used to...
RHEL 3 : ipsec-tools (RHSA-2004:308)
An updated ipsec-tools package that fixes verification of X.509 certificates in racoon is now available. IPSEC uses strong cryptography to provide both authentication and encryption services. When configured to use X.509 certificates to authenticate remote hosts, ipsec-tools versions 0.3.3 and...
Important: Red Hat Security Advisory: ipsec-tools security update
An updated ipsec-tools package that fixes verification of X.509 certificates in racoon is now available. IPSEC uses strong cryptography to provide both authentication and encryption services. When configured to use X.509 certificates to authenticate remote hosts, ipsec-tools versions 0.3.3 and...
Fedora Core 2 : ipsec-tools-0.2.5-2 (2004-132)
An updated ipsec-tools package that fixes vulnerabilities in racoon, the ISAKMP daemon, is now available. When ipsec-tools receives an ISAKMP header, it will attempt to allocate sufficient memory for the entire ISAKMP message according to the header's length field. If an attacker crafts an ISAKMP...
Fedora Core 2 : ipsec-tools-0.2.5-4 (2004-197)
When configured to use X.509 certificates to authenticate remote hosts, ipsec-tools versions 0.3.3 and earlier will attempt to verify that host certificate, but will not abort the key exchange if the verification fails. Users of ipsec-tools should upgrade to this updated package which contains a...
RHEL 3 : ipsec-tools (RHSA-2004:165)
An updated ipsec-tools package that fixes vulnerabilities in racoon, the ISAKMP daemon, is now available. IPSEC uses strong cryptography to provide both authentication and encryption services. With versions of ipsec-tools prior to 0.2.3, it was possible for an attacker to cause unauthorized deletio...
[ GLSA 200406-17 ] IPsec-Tools: authentication bug in racoon
Gentoo Linux Security Advisory GLSA 200406-17 http://security.gentoo.org/ ...
IPsec-Tools: authentication bug in racoon
Background: IPsec-Tools is a port of KAME's implementation of the IPsec utilities. It contains a collection of network monitoring tools, including racoon, ping, and ping6. Description: The KAME IKE daemon racoon is used to authenticate peers during Phase 1 when using either preshared keys, GSS-API,...
Important: Red Hat Security Advisory: ipsec-tools security update
An updated ipsec-tools package that fixes vulnerabilities in racoon, the ISAKMP daemon, is now available. IPSEC uses strong cryptography to provide both authentication and encryption services. With versions of ipsec-tools prior to 0.2.3, it was possible for an attacker to cause unauthorized deletio...
ipsec-tools and iputils contain a remote DoS vulnerability
Background: From http://ipsec-tools.sourceforge.net/ "IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation." iputils is a collection of network monitoring tools, including racoon, ping and ping6. Description: When racoon receives an ISAKMP header, it allocates memo...
ipsec-tools contains an X.509 certificates vulnerability.
Background: From http://ipsec-tools.sourceforge.net/: "IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation." Description: racoon, a utility in the ipsec-tools package, does not verify digital signatures on Phase1 packets. This means that anybody holding the correct...