2803 matches found

securityvulns
added 2004/06/26 12:0 a.m., 28 views

[ GLSA 200406-20 ] FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling

Gentoo Linux Security Advisory GLSA 200406-20, http://security.gentoo.org/ ...

0.4 AI score
Exploits: 0

Gentoo Linux
added 2004/06/25 12:0 a.m., 44 views

FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling

Background: FreeS/WAN, Openswan, strongSwan and Super-FreeS/WAN are Open Source implementations of IPsec for the Linux operating system. They are all based on the discontinued FreeS/WAN project. Description: All these IPsec implementations have several bugs in the verifyx509cert function, which...

10 CVSS, 6.3 AI score, 0.02832 EPSS
Exploits: 0

securityvulns
added 2004/06/23 12:0 a.m., 19 views

[ GLSA 200406-17 ] IPsec-Tools: authentication bug in racoon

Gentoo Linux Security Advisory GLSA 200406-17, http://security.gentoo.org/ ...

Exploits: 0

Gentoo Linux
added 2004/06/22 12:0 a.m., 35 views

IPsec-Tools: authentication bug in racoon

Background: IPsec-Tools is a port of KAME's implementation of the IPsec utilities. It contains a collection of network monitoring tools, including racoon, ping, and ping6. Description: The KAME IKE daemon racoon is used to authenticate peers during Phase 1 when using either preshared keys, GSS-API,...

10 CVSS, 6.1 AI score, 0.0544 EPSS
Exploits: 0

securityvulns
added 2004/06/09 12:0 a.m., 26 views

unauthorized deletion of IPsec SAs in isakmpd, still

1. Abstract: For nearly 10 months a handful of OpenBSD developers have been trying to fix a plethora of payload handling flaws in isakmpd. On 2004/01/13 they released something like a final patch to a broader public. The patch protects against some specific attacks, but does not solve the problem. 2...

0.2 AI score
Exploits: 0

CERT
added 2004/06/09 12:0 a.m., 18 views

Cisco IPsec VPNSM vulnerable to DoS via malformed IKE packet

Overview: A vulnerability in a Cisco VPN module can allow a remote attacker to cause a denial-of-service to the device in which the module is installed. Description: The Cisco IP Security (IPsec) VPN Services Module (VPNSM) is a high-speed module for the Cisco Catalyst 6500 Series Switch and the Cisco...

7 AI score
Exploits: 0, References: 1

exploitpack
added 2004/06/08 12:0 a.m., 15 views

OpenBSD 3.x - ISAKMPD Security Association Piggyback Delete Payload Denial of Service

source: https://www.securityfocus.com/bid/10496/info It is reported that OpenBSD's isakmpd daemon is susceptible to a remote denial of service vulnerability. An attacker is able to delete security associations a...

0.7 AI score
Exploits: 0

Exploit DB
added 2004/06/08 12:0 a.m., 24 views

OpenBSD 3.x - ISAKMPD Security Association Piggyback Delete Payload Denial of Service

source: https://www.securityfocus.com/bid/10496/info It is reported that OpenBSD's isakmpd daemon is susceptible to a remote denial of service vulnerability. An attacker is able to delete security associations and policies from IPSec VPNs by sending a malformed UDP ISAKMP packet to a vulnerable...

7 AI score
Exploits: 0

RedHat Linux
added 2004/05/12 3:21 a.m., 54 views

Important: Red Hat Security Advisory: ipsec-tools security update

An updated ipsec-tools package that fixes vulnerabilities in racoon, the ISAKMP daemon, is now available. IPSEC uses strong cryptography to provide both authentication and encryption services. With versions of ipsec-tools prior to 0.2.3, it was possible for an attacker to cause unauthorized deletio...

7.5 CVSS, 5.8 AI score, 0.06664 EPSS
Exploits: 1, References: 2

Gentoo Linux
added 2004/04/24 12:0 a.m., 45 views

ipsec-tools and iputils contain a remote DoS vulnerability

Background: From http://ipsec-tools.sourceforge.net/ : "IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation." iputils is a collection of network monitoring tools, including racoon, ping and ping6. Description: When racoon receives an ISAKMP header, it allocates memo...

5 CVSS, 6.3 AI score, 0.02851 EPSS
Exploits: 1

securityvulns
added 2004/04/16 12:0 a.m., 41 views

Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability

Cisco Security Notice: Cisco IPsec VPN Implementation Group Password Usage Vulnerability. Revision 1.0. For Public Release 2004 April 15 1600 UTC (GMT). Contents: Summary, Details...

0.6 AI score
Exploits: 0

securityvulns
added 2004/04/09 12:0 a.m., 32 views

Cisco IPSec VPN module IKE DoS

Device crashes on malformed IKE packet...

1.7 AI score
Exploits: 0, References: 1, Affected Software: 2

securityvulns
added 2004/04/09 12:0 a.m., 19 views

Cisco Security Advisory: Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability

Cisco Security Advisory: Cisco IPSec VPN Services Module Malformed IKE Packet Vulnerability. Revision 1.0. For Public Release 2004 April 8 at 1600 UTC (GMT). Contents: Summary, Affected...

Exploits: 0

CERT
added 2004/04/09 12:0 a.m., 47 views

KAME Racoon IKE daemon fails to properly verify client RSA signatures

Overview: The KAME Racoon IKE daemon fails to properly verify client RSA signatures when using Main or Aggressive Mode during a Phase 1 IKE exchange. Description: Racoon is an IKE Key Management daemon that negotiates and configures a set of parameters for IPSec. When authenticating a peer in Phase...

7.5 CVSS, 7.2 AI score, 0.03625 EPSS
Exploits: 0, References: 6

Cisco
added 2004/04/08 4:0 p.m., 21 views

Cisco IPSec Malformed IKE Packet Vulnerability

...

5 CVSS, 1.9 AI score, 0.02008 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2004/04/08 12:0 a.m., 25 views

Cisco IPSec VPNSM IKE Packet DoS (CSCed30113)

The remote router contains a version of IOS which has multiple flaws when dealing with malformed IKE packets. CISCO identifies this vulnerability as bug id CSCed30113. An attacker may use this flaw to render this router inoperable. (C) Tenable Network Security include("compat.inc"); if(description)...

5 CVSS, 5.5 AI score, 0.02008 EPSS
Exploits: 0, References: 1

Gentoo Linux
added 2004/04/07 12:0 a.m., 16 views

ipsec-tools contains an X.509 certificates vulnerability.

Background: From http://ipsec-tools.sourceforge.net/ : "IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation." Description: racoon (a utility in the ipsec-tools package) does not verify digital signatures on Phase1 packets. This means that anybody holding the correct...

0.6 AI score
Exploits: 0

Cvelist
added 2004/03/25 5:0 a.m., 28 views

CVE-2004-0219

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite...

6.4 AI score, 0.0311 EPSS
Exploits: 0, References: 7

securityvulns
added 2004/01/14 12:0 a.m., 31 views

unauthorized deletion of IPsec (and ISAKMP) SAs in racoon

0. Preface: Now that most bugs in isakmpd that allowed for unauthorized SA deletion are "fixed", it's time to release some information on racoon. By the way: About 5 months ago I tried to contact the KAME developers. 1. Description: racoon, KAME's IKE daemon, contains some flaws that allow for...

0.1 AI score
Exploits: 0

NVD
added 2004/01/05 5:0 a.m., 14 views

CVE-2003-1004

Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall...

5 CVSS, 6.7 AI score, 0.01273 EPSS
Exploits: 0, References: 1