2806 matches found
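IPsec-Tools Multiple Remote Denial of Service Vulnerabilities
BUGTRAQ ID: 30657 CVECAN ID: CVE-2008-3651,CVE-2008-3652 IPsec-Tools is a port of KAME's IPsec utilities to the Linux platform. The src/racoon/handler.c file of the ipsec-tools racoon daemon does not remove remotely initiated orphaned ph1 handles, and racoon/proposal.c contains a memory leak vulnerability. If a remote attacker sends invalid request packets, all available memory may be exhausted. IPsec-Tools 0.7.1 RedHat ------ RedHat has released a security advisory (RHSA-2008:0849-01) and corresponding patches for this...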
Gentoo Security Advisory GLSA 200812-03 (ipsec-tools)
The remote host is missing updates announced in advisory GLSA 200812-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
GLSA-200812-03 : IPsec-Tools: racoon Denial of Service
The remote host is affected by the vulnerability described in GLSA-200812-03 IPsec-Tools: racoon Denial of Service Two Denial of Service vulnerabilities have been reported in racoon: The vendor reported a memory leak in racoon/proposal.c that can be triggered via invalid proposals CVE-2008-3651...
Gentoo Security Advisory GLSA 200812-03 (ipsec-tools)
The remote host is missing updates announced in advisory GLSA 200812-03. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
IPsec-Tools: racoon Denial of service
Background IPsec-Tools is a port of KAME's implementation of the IPsec utilities. It contains a collection of network monitoring tools, including racoon, ping, and ping6. Description Two Denial of Service vulnerabilities have been reported in racoon: The vendor reported a memory leak in...
openSUSE 10 Security Update : ipsec-tools (ipsec-tools-5630)
Remote attackers could exploit memory leaks in the 'racoon' daemon to crash it CVE-2008-3651, CVE-2008-3652 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update ipsec-tools-5630. The text descripti...
SuSE 10 Security Update : ipsec-tools (ZYPP Patch Number 5638)
Remote attackers could exploit memory leaks in the 'racoon' daemon to crash it. CVE-2008-3651 / CVE-2008-3652 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
[SECURITY] Fedora 8 Update: ipsec-tools-0.7.1-5.fc8
This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon...
[SECURITY] Fedora 9 Update: ipsec-tools-0.7.1-5.fc9
This is the IPsec-Tools package. You need this package in order to really use the IPsec functionality in the linux-2.5+ kernels. This package builds: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon...
Fedora 8 : ipsec-tools-0.7.1-5.fc8 (2008-9016)
The update fixes memory leaks potentially leading to DoS CVE-2008-3651 CVE-2008-3652. It also fixes problems with DPD and NAT-T support. This has been in rawhide for a while, with no bad reports. It improves remote-access client connection to Cisco ASA. Note that Tenable Network Security has...
Fedora 9 : ipsec-tools-0.7.1-5.fc9 (2008-9007)
The update fixes memory leaks potentially leading to DoS CVE-2008-3651 CVE-2008-3652. It also fixes problems with DPD and NAT-T support. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
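Cisco PIX/ASA Windows NT Domain Authentication Bypass Vulnerability
BUGTRAQ ID: 31864 CVECAN ID: CVE-2008-3815 PIX is a firewall appliance that provides policy enforcement, multi-vector attack protection and secure connectivity services for users and applications; the Adaptive Security Appliance (ASA) is a modular platform that provides security and VPN services. Due to a Microsoft Windows NT domain authentication issue, Cisco ASA and Cisco PIX devices may be affected by a VPN authentication bypass vulnerability. Cisco ASA or Cisco PIX security appliances configured for IPSec or SSL-based remote access VPN are affected by this vulnerability; an attacker can successfully connect to the Cisco ASA device through an IPSec or SSL-based remote access VPN. Cisco ASA or Cisco...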
CVE-2008-4190
The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream...
CVE-2008-4190
The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream...
Design/Logic Flaw
The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream...
CVE-2008-4190
The IPSEC livetest tool in Openswan 2.4.12 and earlier, and 2.6.x through 2.6.16, allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack on the (1) ipseclive.conn and (2) ipsec.olts.remote.log temporary files. NOTE: in many distributions and the upstream...
CVE-2008-4190
CVE-2008-4190 stems from Openswan’s IPsec livetest tool. The vulnerability is a local privilege escalation via a symlink attack on temporary files (ipseclive.conn and ipsec.olts.remote.log), allowing local users to overwrite arbitrary files and execute code. Affected products/versions: Openswan 2...
Gentoo Security Advisory GLSA 200512-04 (openswan ipsec-tools)
The remote host is missing updates announced in advisory GLSA 200512-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200404-05 (ipsec-tools)
The remote host is missing updates announced in advisory GLSA 200404-05. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200404-17 (ipsec-utils)
The remote host is missing updates announced in advisory GLSA 200404-17. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...