ipsec-tools vulnerabilities

2009-06-0900:00:00

ubuntu.com

6.3 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.187 Low

EPSS

Percentile

96.2%

JSON

Releases

Ubuntu 9.04
Ubuntu 8.10
Ubuntu 8.04
Ubuntu 6.06

Packages

ipsec-tools -

Details

It was discovered that ipsec-tools did not properly handle certain
fragmented packets. A remote attacker could send specially crafted packets
to the server and cause a denial of service. (CVE-2009-1574)

It was discovered that ipsec-tools did not properly handle memory usage
when verifying certificate signatures or processing nat-traversal
keep-alive messages. A remote attacker could send specially crafted packets
to the server and exhaust available memory, leading to a denial of service.
(CVE-2009-1632)

OSVersionArchitecturePackageVersionFilename
Ubuntu9.04noarchracoon< 1:0.7-2.1ubuntu1.9.04.1UNKNOWN
Ubuntu9.04noarchipsec-tools< 1:0.7-2.1ubuntu1.9.04.1UNKNOWN
Ubuntu8.10noarchracoon< 1:0.7-2.1ubuntu1.8.10.1UNKNOWN
Ubuntu8.10noarchipsec-tools< 1:0.7-2.1ubuntu1.8.10.1UNKNOWN
Ubuntu8.04noarchracoon< 1:0.6.7-1.1ubuntu1.2UNKNOWN
Ubuntu8.04noarchipsec-tools< 1:0.6.7-1.1ubuntu1.2UNKNOWN
Ubuntu6.06noarchracoon< 1:0.6.5-4ubuntu1.3UNKNOWN
Ubuntu6.06noarchipsec-tools< 1:0.6.5-4ubuntu1.3UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	9.04	noarch	racoon	< 1:0.7-2.1ubuntu1.9.04.1	UNKNOWN
Ubuntu	9.04	noarch	ipsec-tools	< 1:0.7-2.1ubuntu1.9.04.1	UNKNOWN
Ubuntu	8.10	noarch	racoon	< 1:0.7-2.1ubuntu1.8.10.1	UNKNOWN
Ubuntu	8.10	noarch	ipsec-tools	< 1:0.7-2.1ubuntu1.8.10.1	UNKNOWN
Ubuntu	8.04	noarch	racoon	< 1:0.6.7-1.1ubuntu1.2	UNKNOWN
Ubuntu	8.04	noarch	ipsec-tools	< 1:0.6.7-1.1ubuntu1.2	UNKNOWN
Ubuntu	6.06	noarch	racoon	< 1:0.6.5-4ubuntu1.3	UNKNOWN
Ubuntu	6.06	noarch	ipsec-tools	< 1:0.6.5-4ubuntu1.3	UNKNOWN