|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200503-33] IPsec-Tools: racoon Denial of Service Vulnerability Scan
Vulnerability Scan Summary IPsec-Tools: racoon Denial of Service
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200503-33
(IPsec-Tools: racoon Denial of Service)
Sebastian Krahmer has reported a potential remote Denial of
Service vulnerability in the ISAKMP header parsing code of racoon.
Impact
A possible hacker could possibly cause a Denial of Service of racoon
using a specially crafted ISAKMP packet.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0398
http://sourceforge.net/mailarchive/forum.php?thread_id=6787713&forum_id=32000
Solution:
All IPsec-Tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/ipsec-tools-0.4-r1"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|