2811 matches found
CVE-2005-0039
Certain configurations of IPsec, when using Encapsulating Security Payload ESP in tunnel mode, integrity protection at a higher layer, or Authentication Header AH, allow remote attackers to decrypt IPSec communications by modifying the outer packet in ways that cause plaintext data from the inner...
CVE-2005-0039
Certain configurations of IPsec, when using Encapsulating Security Payload ESP in tunnel mode, integrity protection at a higher layer, or Authentication Header AH, allow remote attackers to decrypt IPSec communications by modifying the outer packet in ways that cause plaintext data from the inner...
CVE-2005-0039
Certain configurations of IPsec, when using Encapsulating Security Payload ESP in tunnel mode, integrity protection at a higher layer, or Authentication Header AH, allow remote attackers to decrypt IPSec communications by modifying the outer packet in ways that cause plaintext data from the inner...
CVE-2005-0039
CVE-2005-0039 describes vulnerabilities in IPsec configurations where using ESP in tunnel mode (with CBC mode) or AH without proper integrity protections allows an attacker to modify the outer packet and cause the inner, encrypted data to be exposed in plaintext via ICMP messages. The attacks inc...
IPSec information leak
If ESP is used without integrity control it's possible to obtain plaintext data in ICMP error meesage by modifying source packet...
NISCC Vulnerability Advisory IPSEC - 004033
Abstract: Three attacks that apply to certain configurations of IPsec have been identified. These configurations use Encapsulating Security Payload ESP in tunnel mode with confidentiality only, or with integrity protection being provided by a higher layer protocol. Some configurations using AH to...
IPsec configurations may be vulnerable to information disclosure
Overview The IPsec Encapsulating Security Payload protocol used in tunneling mode may be vulnerable to multiple attacks when confidentiality mode is used without integrity protection, or in certain cases where integrity protection is provided by higher-level protocols. Description The IP Security...
Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords
Greetings, There appears to be some deficiencies in both the documentation of the 'md5' authentication methology in pghba.conf and in the md5 hash generation which is stored in pgshadow. The md5 hash which is generated for and stored in pgshadow does not use a random salt but instead uses the...
USN-107-1: racoon vulnerability
Sebastian Krahmer discovered a Denial of Service vulnerability in the racoon daemon. By sending specially crafted ISAKMP packets, a remote attacker could trigger a buffer overflow which caused racoon to crash. This update does not introduce any source code changes affecting the ipsec-tools packag...
SUSE-SA:2005:020: ipsec-tools
The remote host is missing the patch for the advisory SUSE-SA:2005:020 ipsec-tools. Racoon is a ISAKMP key management daemon used in IPsec setups. Sebastian Krahmer of the SUSE Security Team audited the daemon and found that it handles certain ISAKMP messages in a slightly wrong way, so that remo...
Mandrake Linux Security Advisory : ipsec-tools (MDKSA-2005:062)
A bug was discovered in the way that the racoon daemon handled incoming ISAKMP requests. It is possible that an attacker could crash the racoon daemon by sending a specially crafted ISAKMP packet. The updated packages have been patched to correct these issues. %NASLMINLEVEL 70300 C Tenable Networ...
ipsec-tools KAME racoon Daemon ISAKMP Header Parsing Remote DoS
The remote IPSEC server seems to have a problem negotiating malformed ISAKMP packets. An attacker may use this flaw to crash the remote host repeatedly and disable your VPN remotely. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17655; scriptversion"1.21";...
GLSA-200503-33 : IPsec-Tools: racoon Denial of Service
The remote host is affected by the vulnerability described in GLSA-200503-33 IPsec-Tools: racoon Denial of Service Sebastian Krahmer has reported a potential remote Denial of Service vulnerability in the ISAKMP header parsing code of racoon. Impact : An attacker could possibly cause a Denial of...
CVE-2005-0398
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service crash via malformed ISAKMP packets...
CVE-2005-0398
CVE-2005-0398 affects the racoon daemon in ipsec-tools prior to 0.5. A remote attacker can send malformed ISAKMP packets that trigger a crash, causing a denial of service. The issue is documented in multiple advisories (e.g., Fedora, Ubuntu USN-107-1, Gentoo GLSA) and Red Hat/FreeBSD/OpenVAS entr...
CVE-2005-0398
Removed by vendor...
IPsec-Tools: racoon Denial of service
Background IPsec-Tools is a port of KAME's implementation of the IPsec utilities. It contains a collection of network monitoring tools, including racoon, ping, and ping6. Description Sebastian Krahmer has reported a potential remote Denial of Service vulnerability in the ISAKMP header parsing cod...
RHEL 4 : ipsec-tools (RHSA-2005:232)
The remote Redhat Enterprise Linux 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2005:232 advisory. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel. The ipsec-tools package includes: - setkey, a program...
Moderate: Red Hat Security Advisory: ipsec-tools security update
An updated ipsec-tools package that fixes a bug in parsing of ISAKMP headers is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel. The...
security flaw
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service crash via malformed ISAKMP packets...