Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200404-17] ipsec-tools and iputils contain a remote DoS vulnerability Vulnerability Scan
Vulnerability Scan Summary: ipsec-tools and iputils contain a remote DoS vulnerability
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200404-17
(ipsec-tools and iputils contain a remote DoS vulnerability)
When racoon receives an ISAKMP header, it allocates memory based on the
length of the header field. Thus, an attacker may be able to cause a Denial
of Service by creating a header that is large enough to consume all
available system resources.
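The length validation this kind of bug calls for, as an added example (not code from racoon, the GLSA or the scanner): the declared message length is checked against the bytes actually received before any allocation. It assumes the 28-byte ISAKMP header of RFC 2408 with the length field at offset 24; `MAX_ISAKMP_MSG`, the function names and the sample header are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define ISAKMP_HDR_LEN 28u     /* fixed ISAKMP header size (RFC 2408, section 3.1) */
#define MAX_ISAKMP_MSG 65535u  /* assumed local cap; not a value from the advisory */

enum isakmp_rc { ISAKMP_OK, ISAKMP_SHORT, ISAKMP_BAD_LEN, ISAKMP_TOO_BIG, ISAKMP_NOMEM };

/* Total message length: 4-byte big-endian field at offset 24 of the header. */
static uint32_t isakmp_declared_len(const uint8_t *pkt)
{
    return ((uint32_t)pkt[24] << 24) | ((uint32_t)pkt[25] << 16) |
           ((uint32_t)pkt[26] << 8)  |  (uint32_t)pkt[27];
}

/* Allocate only after the declared length is checked against the bytes received. */
enum isakmp_rc isakmp_copy_message(const uint8_t *pkt, size_t received,
                                   uint8_t **out, size_t *out_len)
{
    uint32_t declared;
    *out = NULL; *out_len = 0;
    if (received < ISAKMP_HDR_LEN) return ISAKMP_SHORT;   /* not even a full header */
    declared = isakmp_declared_len(pkt);
    if (declared < ISAKMP_HDR_LEN) return ISAKMP_BAD_LEN; /* shorter than its own header */
    if (declared > MAX_ISAKMP_MSG) return ISAKMP_TOO_BIG; /* refuse before allocating */
    if (declared > received) return ISAKMP_BAD_LEN;       /* claims more than was sent */
    if ((*out = malloc(declared)) == NULL) return ISAKMP_NOMEM;
    memcpy(*out, pkt, declared);
    *out_len = declared;
    return ISAKMP_OK;
}

/* Constructed sample: a zeroed buffer whose header carries the given length value. */
enum isakmp_rc check_sample(uint32_t declared, size_t received)
{
    uint8_t buf[64] = {0}, *copy;
    size_t n;
    if (received > sizeof buf) received = sizeof buf;      /* stay inside the sample */
    buf[24] = (uint8_t)(declared >> 24); buf[25] = (uint8_t)(declared >> 16);
    buf[26] = (uint8_t)(declared >> 8);  buf[27] = (uint8_t)declared;
    enum isakmp_rc rc = isakmp_copy_message(buf, received, &copy, &n);
    free(copy);
    return rc;
}

int main(void)
{
    return !(check_sample(0xffffffffu, 28) == ISAKMP_TOO_BIG && check_sample(28, 28) == ISAKMP_OK);
}
```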
Impact
This vulnerability may allow an attacker to remotely cause a Denial of
Service.
Workaround
A workaround is not currently known for this issue. All users are advised
to upgrade to the latest version of the affected package.
References:
http://ipsec-tools.sourceforge.net/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0403
Solution:
ipsec-tools users should upgrade to version 0.2.5 or later:
# emerge sync
# emerge -pv ">=net-firewall/ipsec-tools-0.3.1"
# emerge ">=net-firewall/ipsec-tools-0.3.1"
iputils users should upgrade to version 021109-r3 or later:
# emerge sync
# emerge -pv ">=net-misc/iputils-021109-r3"
# emerge ">=net-misc/iputils-021109-r3"
Threat Level: Medium