Joined: 17 Apr 2002
Location: Baltimore, MD
|Posted: Fri Mar 25, 2005 6:48 pm Post subject: [ GLSA 200503-33 ] IPsec-Tools: racoon Denial of Service
|Gentoo Linux Security Advisory
Title: IPsec-Tools: racoon Denial of Service (GLSA 200503-33)
Date: March 25, 2005
IPsec-Tools' racoon is affected by a remote Denial of Service vulnerability.
IPsec-Tools is a port of KAME's implementation of the IPsec utilities. It contains a collection of network monitoring tools, including racoon, ping, and ping6.
Vulnerable: < 0.5-r1
Unaffected: >= 0.4-r1 < 0.5
Unaffected: >= 0.5-r1
Architectures: All supported architectures
Sebastian Krahmer has reported a potential remote Denial of Service vulnerability in the ISAKMP header parsing code of racoon.
An attacker could possibly cause a Denial of Service of racoon using a specially crafted ISAKMP packet.
There is no known workaround at this time.
All IPsec-Tools users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/ipsec-tools-0.4-r1"
Last edited by GLSA on Sun May 07, 2006 4:55 pm; edited 1 time in total