6 matches found
EUVD-2002-2201
Malware in sbrugna...
EUVD-2004-0219
Malware in sbrugna...
[SA13443] OpenBSD isakmpd Denial of Service Vulnerability
TITLE: OpenBSD isakmpd Denial of Service Vulnerability SECUNIA ADVISORY ID: SA13443 VERIFY ADVISORY: http://secunia.com/advisories/13443/ CRITICAL: Not critical IMPACT: DoS WHERE: Local system OPERATING SYSTEM: OpenBSD 3.x http://secunia.com/product/100/ DESCRIPTION: A vulnerability has been...
isakmpd crashes when handling ISAKMP packets with malformed "Security Association Payload"
Overview A vulnerability exists in the isakmpd that could allow a remote attacker to cause a denial of service. Description The OpenBSD isakmpd establishes security associations for encrypted and authenticated IPsec network traffic. It implements the Internet Security Association and Key Manageme...
isakmpd fails to handle ISAKMP packets with "Payload Length" of zero
Overview A vulnerability exists in the isakmpd that could allow a remote attacker to cause a denial of service. Description The OpenBSD isakmpd establishes security associations for encrypted and authenticated IPsec network traffic. It implements the Internet Security Association and Key Manageme...
Re: multiple payload handling flaws in isakmpd, again
There is one important thing I forgot to mention. In isakmpd deleting an IPsec SA also means deleting the appropriate IPsec policy in almost any case. Take a look at pfkeyv2deletespi in pfkeyv2.c. It calls pfkeyv2disablesa, the policy eraser ;-, if the SA was not acquired through the kernel: if...