CVE-2008-3651

Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service memory consumption via invalid proposals...

CVE-2008-3652

CVE-2008-3652 is described in the connected MiracleLinux advisory as a vulnerability in ipsec-tools’ racoon daemon where an remote-initiated phase 1 handle (ph1) is not removed, enabling a denial of service via resource consumption. The affected component is the racoon part of ipsec-tools; the ro...

CVE-2008-3651

Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service memory consumption via invalid proposals...

CVE-2008-3652

src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" phase 1 handle when it has been initiated remotely, which allows remote attackers to cause a denial of service resource consumption...

CVE-2008-3651

CVE-2008-3651 is a memory-leak DoS flaw in the ipsec-tools racoon daemon. Affected component: racoon/proposal.c in ipsec-tools up to version 0.7.1. Root cause: memory leaks that can be triggered by invalid proposals, allowing remote authenticated users to exhaust memory and cause a denial of serv...

CVE-2008-3651

Removed by vendor...

CVE-2008-3652

Removed by vendor...

CVE-2008-2246

Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions...

Default configuration

Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions...

CVE-2008-2246

Microsoft Windows Vista through SP1 and Server 2008 do not properly import the default IPsec policy from a Windows Server 2003 domain to a Windows Server 2008 domain, which prevents IPsec rules from being enforced and allows remote attackers to bypass intended access restrictions...

PT-2008-1042 · Ipsec Tools +1 · Ipsec-Tools +1

Name of the Vulnerable Software and Affected Versions: ipsec-tools versions prior to 0.7.1 ipsec-tools version 0.3.3 ipsec-tools version 0.2.5 Description: The issue is related to multiple vulnerabilities in the ipsec-tools package, which can lead to a disruption of protected information...

CVE-2008-2246

The CVE-2008-2246 issue is an information-disclosure vulnerability in IPsec policy processing when importing a Windows Server 2003 IPsec policy into Windows Server 2008 domains. Affected products include Windows Vista (SP1) and Windows Server 2008 (and variants listed by OpenVAS/Nessus entries). ...

MS08-047: Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)

The remote version of Windows contains a bug in its IPsec implementation which might lead to information disclosure. Specifically, when importing a Windows Server 2003 IPsec policy into a Windows Server 2008 domain, the system could ignore the IPsec policies and transmit the traffic in cleartext....

Microsoft Security Bulletin MS08-047 – Important Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733)

Microsoft Security Bulletin MS08-047 – Important Vulnerability in IPsec Policy Processing Could Allow Information Disclosure 953733 Published: August 12, 2008 Version: 1.0 General Information Executive Summary This update resolves a privately reported vulnerability in the way certain Windows...

Microsoft Windows IPsec Information Disclosure Vulnerability

...

Microsoft Windows IPSec policies vulnerability

Under certain conditions rules are not applied after Windows 2003 domain is migrated to Windows 2008...

ipset-tools -- Denial of Service Vulnerabilities

SecurityFocus reports: IPsec-Tools is affected by multiple remote denial-of-service vulnerabilities because the software fails to properly handle certain network packets. A successful attack allows a remote attacker to crash the software, denying further service to legitimate users...

Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : linux, linux-source-2.6.15/20/22 vulnerabilities (USN-625-1)

Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets. A remote attacker could exploit this to crash the system, leading to a denial of service. CVE-2007-6282 Johannes Bauer discovered that the 64bit kernel did not correctly handle hrtimer updates. ...

USN-625-1: Linux kernel vulnerabilities

Dirk Nehring discovered that the IPsec protocol stack did not correctly handle fragmented ESP packets. A remote attacker could exploit this to crash the system, leading to a denial of service. CVE-2007-6282 Johannes Bauer discovered that the 64bit kernel did not correctly handle hrtimer updates. ...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 5375)

This kernel update fixes quite a number of security problems : - A remote attacker could crash the IPSec/IPv6 stack by sending a bad ESP packet. This requires the host to be able to receive such packets default filtered by the firewall. CVE-2007-6282 - A problem in SIT IPv6 tunnel handling could ...