|
Family: Denial of Service --> Category: kill_host
Racoon invalid cookie malloc bug Vulnerability Scan
Vulnerability Scan Summary Racoon invalid cookie malloc bug
Detailed Explanation for this Vulnerability Test
The remote system appears to have a problem with processing
invalid requests with invalid cookie values. At least one
VPN product (racoon) demonstrates this flaw. Racoon is integrated
with:
FreeBSD 4.0 and beyond
OpenBSD 2.7 and beyond
NetBSD 1.5 and beyond
BSD/OS 4.2 and beyond
However, the bug has only been verified on FreeBSD systems.
A possible hacker may use this flaw to disable your VPN remotely.
Solution : If you are running racoon VPN, download and install
the latest SNAP kit from http://www.kame.net. If you are running
a non-racoon VPN server which is crashing due to this check, consult
your vendor for a fix.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|