Family: Red Hat Local Security Checks --> Category: infos
RHSA-2006-0267: ipsec Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the ipsec packages
Detailed Explanation for this Vulnerability Test
Updated ipsec-tools packages that fix a bug in racoon are now available.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
The ipsec-tools package is used in conjunction with the IPsec functionality
in the linux kernel and includes racoon, an IKEv1 keying daemon.
A denial of service flaw was found in the ipsec-tools racoon daemon. If a
victim's machine has racoon configured in a non-recommended insecure
manner, it is possible for a remote attacker to crash the racoon daemon.
Users of ipsec-tools should upgrade to these updated packages, which contain
backported patches, and are not vulnerable to these issues.
Solution : http://rhn.redhat.com/errata/RHSA-2006-0267.html
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.