|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200512-04] Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation Vulnerability Scan
Vulnerability Scan Summary Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200512-04
(Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation)
The Oulu University Secure Programming Group (OUSPG) discovered that
various ISAKMP implementations, including Openswan and racoon (included
in the IPsec-Tools package), behave in an anomalous way when they
receive and handle ISAKMP Phase 1 packets with invalid or abnormal
contents.
Impact
A remote attacker could craft specific packets that would result in a
Denial of Service attack, if Openswan and racoon are used in specific,
weak configurations.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3671
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3732
http://www.ee.oulu.fi/research/ouspg/protos/testing/c09/isakmp/
Solution:
All Openswan users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/openswan-2.4.4"
All IPsec-Tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose net-firewall/ipsec-tools
Threat Level: Low
Click HERE for more information and discussions on this network vulnerability scan.
|