Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2004:069: ipsec-tools Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the ipsec-tools package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2004:069 (ipsec-tools).
A vulnerability in racoon prior to version 20040408a would allow a remote
attacker to cause a DoS (memory consumption) via an ISAKMP packet with a large
Another vulnerability in racoon was discovered where, when using RSA signatures,
racoon would validate the X.509 certificate but would not validate the
signature. This can be exploited by an attacker sending a valid and trusted
X.509 certificate and any private key. Using this, they could perform a
man-in-the-middle attack and initiate an unauthorized connection. This has been
fixed in ipsec-tools 0.3.3.
The updated packages contain patches backported from 0.3.3 to correct the
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:069
Threat Level: High