Family: Denial of Service --> Category: kill_host
Racoon invalid cookie malloc bug Vulnerability Scan
Vulnerability Scan Summary
Racoon invalid cookie malloc bug
Detailed Explanation for this Vulnerability Test
The remote system appears to have a problem with processing
invalid requests with invalid cookie values. At least one
VPN product (racoon) demonstrates this flaw. Racoon is integrated
FreeBSD 4.0 and beyond
OpenBSD 2.7 and beyond
NetBSD 1.5 and beyond
BSD/OS 4.2 and beyond
However, the bug has only been verified on FreeBSD systems.
A possible hacker may use this flaw to disable your VPN remotely.
Solution : If you are running racoon VPN, download and install
the latest SNAP kit from http://www.kame.net. If you are running
a non-racoon VPN server which is crashing due to this check, consult
your vendor for a fix.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.