Vulnerabilities > CVE-2009-1574 - Remote Denial Of Service vulnerability in IPsec-Tools Prior to 0.7.2

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
ipsec-tools
nessus
exploit available

Summary

racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference.

Exploit-Db

descriptionipsec-tools racoon frag-isakmp Denial of Service PoC. CVE-2009-1574. Dos exploits for multiple platform
idEDB-ID:8669
last seen2016-02-01
modified2009-05-13
published2009-05-13
reportermu-b
sourcehttps://www.exploit-db.com/download/8669/
titleipsec-tools racoon frag-isakmp Denial of Service PoC

Nessus

  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_SECUPD2009-006.NASL
    descriptionThe remote host is running a version of Mac OS X 10.5 that does not have Security Update 2009-006 applied. This security update contains fixes for the following products : - AFP Client - Adaptive Firewall - Apache - Apache Portable Runtime - ATS - Certificate Assistant - CoreGraphics - CUPS - Dictionary - DirectoryService - Disk Images - Event Monitor - fetchmail - FTP Server - Help Viewer - International Components for Unicode - IOKit - IPSec - libsecurity - libxml - OpenLDAP - OpenSSH - PHP - QuickDraw Manager - QuickLook - FreeRADIUS - Screen Sharing - Spotlight - Subversion
    last seen2020-06-01
    modified2020-06-02
    plugin id42433
    published2009-11-09
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42433
    titleMac OS X Multiple Vulnerabilities (Security Update 2009-006)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    
    if (!defined_func("bn_random")) exit(0);
    if (NASL_LEVEL < 3000) exit(0);
    
    
    include("compat.inc");
    
    
    if (description)
    {
      script_id(42433);
      script_version("1.27");
    
      script_cve_id(
        "CVE-2007-5707",
        "CVE-2007-6698",
        "CVE-2008-0658",
        "CVE-2008-5161",
        "CVE-2009-0023",
        "CVE-2009-1191",
        "CVE-2009-1195",
        "CVE-2009-1574",
        "CVE-2009-1632",
        "CVE-2009-1890",
        "CVE-2009-1891",
        "CVE-2009-1955",
        "CVE-2009-1956",
        "CVE-2009-2408",
        "CVE-2009-2409",
        "CVE-2009-2411",
        "CVE-2009-2412",
        "CVE-2009-2414",
        "CVE-2009-2416",
        "CVE-2009-2666",
        "CVE-2009-2808",
        "CVE-2009-2818",
        "CVE-2009-2819",
        "CVE-2009-2820",
        "CVE-2009-2823",
        "CVE-2009-2824",
        "CVE-2009-2825",
        "CVE-2009-2826",
        "CVE-2009-2827",
        "CVE-2009-2828",
        "CVE-2009-2829",
        "CVE-2009-2831",
        "CVE-2009-2832",
        "CVE-2009-2833",
        "CVE-2009-2834",
        "CVE-2009-2837",
        "CVE-2009-2838",
        "CVE-2009-2839",
        "CVE-2009-2840",
        "CVE-2009-3111",
        "CVE-2009-3291",
        "CVE-2009-3292",
        "CVE-2009-3293"
      );
      script_bugtraq_id(
        26245,
        27778,
        34663,
        35115,
        35221,
        35251,
        35565,
        35623,
        35888,
        35983,
        36263,
        36449,
        36959,
        36961,
        36962,
        36963,
        36964,
        36966,
        36967,
        36972,
        36973,
        36975,
        36977,
        36978,
        36979,
        36982,
        36985,
        36988,
        36990
      );
    
      script_name(english:"Mac OS X Multiple Vulnerabilities (Security Update 2009-006)");
      script_summary(english:"Check for the presence of Security Update 2009-006");
    
      script_set_attribute(
        attribute:"synopsis",
        value:
    "The remote host is missing a Mac OS X update that fixes various
    security issues."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote host is running a version of Mac OS X 10.5 that does not
    have Security Update 2009-006 applied.
    
    This security update contains fixes for the following products :
    
      - AFP Client
      - Adaptive Firewall
      - Apache
      - Apache Portable Runtime
      - ATS
      - Certificate Assistant
      - CoreGraphics
      - CUPS
      - Dictionary
      - DirectoryService
      - Disk Images
      - Event Monitor
      - fetchmail
      - FTP Server
      - Help Viewer
      - International Components for Unicode
      - IOKit
      - IPSec
      - libsecurity
      - libxml
      - OpenLDAP
      - OpenSSH
      - PHP
      - QuickDraw Manager
      - QuickLook
      - FreeRADIUS
      - Screen Sharing
      - Spotlight
      - Subversion"
      );
      script_set_attribute(
        attribute:"see_also", 
        value:"http://support.apple.com/kb/HT3937"
      );
      script_set_attribute(
        attribute:"see_also", 
        value:"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
      );
      script_set_attribute(
        attribute:"see_also", 
        value:"http://www.securityfocus.com/advisories/18255"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install Security Update 2009-006 or later."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploited_by_malware", value:"true");
      script_cwe_id(16, 20, 79, 119, 189, 200, 255, 264, 310, 399);
      script_set_attribute(attribute:"vuln_publication_date", value:"2009/11/09");
      script_set_attribute(attribute:"patch_publication_date", value:"2009/11/09");
      script_set_attribute(attribute:"plugin_publication_date", value:"2009/11/09");
      script_cvs_date("Date: 2018/07/16 12:48:31");
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:apple:mac_os_x");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"MacOS X Local Security Checks");
      script_copyright(english:"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/MacOSX/packages", "Host/uname");
    
      exit(0);
    }
    
    
    uname = get_kb_item("Host/uname");
    if (!uname) exit(1, "The 'Host/uname' KB item is missing.");
    
    pat = "^.+Darwin.* ([0-9]+\.[0-9.]+).*$";
    if (!ereg(pattern:pat, string:uname)) exit(1, "Can't identify the Darwin kernel version from the uname output ("+uname+").");
    
    darwin = ereg_replace(pattern:pat, replace:"\1", string:uname);
    if (ereg(pattern:"^(9\.[0-8]\.)", string:darwin))
    {
      packages = get_kb_item("Host/MacOSX/packages/boms");
      if (!packages) exit(1, "The 'Host/MacOSX/packages/boms' KB item is missing.");
    
      if (egrep(pattern:"^com\.apple\.pkg\.update\.security\.(2009\.00[6-9]|20[1-9][0-9]\.[0-9]+)\.bom", string:packages))
        exit(0, "The host has Security Update 2009-006 or later installed and therefore is not affected.");
      else
        security_hole(0);
    }
    else exit(0, "The host is running Darwin kernel version "+darwin+" and therefore is not affected.");
    
  • NASL familyMandriva Local Security Checks
    NASL idMANDRIVA_MDVSA-2009-112.NASL
    descriptionracoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference (CVE-2009-1574). Updated packages are available that brings ipsec-tools to version 0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous bugfixes over the previous 0.7.1 version, and also corrects this issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been patched to address this issue. Additionally the flex package required for building ipsec-tools has been fixed due to ipsec-tools build problems and is also available with this update. Update : Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers
    last seen2020-06-01
    modified2020-06-02
    plugin id38767
    published2009-05-14
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/38767
    titleMandriva Linux Security Advisory : ipsec-tools (MDVSA-2009:112-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_NOVELL-IPSEC-TOOLS-090616.NASL
    descriptionThis update of ipsec-tools fixes a crash of racoon in ISAKMP
    last seen2020-06-01
    modified2020-06-02
    plugin id40283
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40283
    titleopenSUSE Security Update : novell-ipsec-tools (novell-ipsec-tools-1007)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2009-4298.NASL
    descriptionMinor version update from upstream fixing remote DoS. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id38810
    published2009-05-19
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/38810
    titleFedora 10 : ipsec-tools-0.7.2-1.fc10 (2009-4298)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-200905-03.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-200905-03 (IPSec Tools: Denial of Service) The following vulnerabilities have been found in the racoon daemon as shipped with IPSec Tools: Neil Kettle reported that racoon/isakmp_frag.c is prone to a NULL pointer dereference (CVE-2009-1574). Multiple memory leaks exist in (1) the eay_check_x509sign() function in racoon/crypto_openssl.c and (2) racoon/nattraversal.c (CVE-2009-1632). Impact : A remote attacker could send specially crafted fragmented ISAKMP packets without a payload or exploit vectors related to X.509 certificate authentication and NAT traversal, possibly resulting in a crash of the racoon daemon. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id38884
    published2009-05-26
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/38884
    titleGLSA-200905-03 : IPSec Tools: Denial of Service
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2009-4291.NASL
    descriptionMinor version update from upstream fixing remote DoS. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id38809
    published2009-05-19
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/38809
    titleFedora 9 : ipsec-tools-0.7.2-1.fc9 (2009-4291)
  • NASL familyMisc.
    NASL idAIRPORT_FIRMWARE_7_5_2.NASL
    descriptionAccording to the firmware version collected via SNMP, the remote Apple Time Capsule / AirPort Base Station / AirPort Extreme Base Station is affected by multiple remote vulnerabilities. - An integer overflow exists in the
    last seen2020-06-01
    modified2020-06-02
    plugin id51342
    published2010-12-17
    reporterThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51342
    titleApple Time Capsule and AirPort Base Station Firmware < 7.5.2 (APPLE-SA-2010-12-16-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_NOVELL-IPSEC-TOOLS-090616.NASL
    descriptionThis update of ipsec-tools fixes a crash of racoon in ISAKMP
    last seen2020-06-01
    modified2020-06-02
    plugin id41440
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41440
    titleSuSE 11 Security Update : Novell ipsec tools (SAT Patch Number 1006)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-1804.NASL
    descriptionSeveral remote vulnerabilities have been discovered in racoon, the Internet Key Exchange daemon of ipsec-tools. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1574 Neil Kettle discovered a NULL pointer dereference on crafted fragmented packets that contain no payload. This results in the daemon crashing which can be used for denial of service attacks. - CVE-2009-1632 Various memory leaks in the X.509 certificate authentication handling and the NAT-Traversal keepalive implementation can result in memory exhaustion and thus denial of service.
    last seen2020-06-01
    modified2020-06-02
    plugin id38861
    published2009-05-22
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/38861
    titleDebian DSA-1804-1 : ipsec-tools - NULL pointer dereference, memory leaks
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_IPSEC-TOOLS-090613.NASL
    descriptionThis update of ipsec-tools fixes a crash of racoon in ISAKMP
    last seen2020-06-01
    modified2020-06-02
    plugin id39993
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39993
    titleopenSUSE Security Update : ipsec-tools (ipsec-tools-996)
  • NASL familyOracleVM Local Security Checks
    NASL idORACLEVM_OVMSA-2009-0010.NASL
    descriptionThe remote OracleVM system is missing necessary patches to address critical security updates : CVE-2009-1574 racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference. CVE-2009-1632 Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c. CVE-2008-3651 Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals. CVE-2008-3652 src/racoon/handler.c in racoon in ipsec-tools does not remove an
    last seen2020-06-01
    modified2020-06-02
    plugin id79457
    published2014-11-26
    reporterThis script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/79457
    titleOracleVM 2.1 : ipsec-tools (OVMSA-2009-0010)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2009-4394.NASL
    descriptionMinor version update from upstream fixing remote DoS. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id38811
    published2009-05-19
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/38811
    titleFedora 11 : ipsec-tools-0.7.2-1.fc11 (2009-4394)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_1_IPSEC-TOOLS-090613.NASL
    descriptionThis update of ipsec-tools fixes a crash of racoon in ISAKMP
    last seen2020-06-01
    modified2020-06-02
    plugin id40233
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40233
    titleopenSUSE Security Update : ipsec-tools (ipsec-tools-996)
  • NASL familyMacOS X Local Security Checks
    NASL idMACOSX_10_6_2.NASL
    descriptionThe remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.2. Mac OS X 10.6.2 contains security fixes for the following products : - Adaptive Firewall - Apache - Apache Portable Runtime - Certificate Assistant - CoreMedia - CUPS - Dovecot - fetchmail - file - FTP Server - Help Viewer - ImageIO - IOKit - IPSec - Kernel - Launch Services - libsecurity - libxml - Login Window - OpenLDAP - QuickDraw Manager - QuickTime - Screen Sharing - Subversion
    last seen2020-06-01
    modified2020-06-02
    plugin id42434
    published2009-11-09
    reporterThis script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42434
    titleMac OS X 10.6.x < 10.6.2 Multiple Vulnerabilities
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2009-1036.NASL
    descriptionAn updated ipsec-tools package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the Linux kernel and includes racoon, an IKEv1 keying daemon. A denial of service flaw was found in the ipsec-tools racoon daemon. An unauthenticated, remote attacker could trigger a NULL pointer dereference that could cause the racoon daemon to crash. (CVE-2009-1574) Multiple memory leak flaws were found in the ipsec-tools racoon daemon. If a remote attacker is able to make multiple connection attempts to the racoon daemon, it was possible to cause the racoon daemon to consume all available memory. (CVE-2009-1632) Users of ipsec-tools should upgrade to this updated package, which contains backported patches to correct these issues. Users must restart the racoon daemon for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id38819
    published2009-05-19
    reporterThis script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/38819
    titleRHEL 5 : ipsec-tools (RHSA-2009:1036)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_IPSEC-TOOLS-090613.NASL
    descriptionThis update of ipsec-tools fixes a crash of racoon in ISAKMP
    last seen2020-06-01
    modified2020-06-02
    plugin id41403
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41403
    titleSuSE 11 Security Update : ipsec-tools (SAT Patch Number 998)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20090518_IPSEC_TOOLS_ON_SL5_X.NASL
    descriptionA denial of service flaw was found in the ipsec-tools racoon daemon. An unauthenticated, remote attacker could trigger a NULL pointer dereference that could cause the racoon daemon to crash. (CVE-2009-1574) Multiple memory leak flaws were found in the ipsec-tools racoon daemon. If a remote attacker is able to make multiple connection attempts to the racoon daemon, it was possible to cause the racoon daemon to consume all available memory. (CVE-2009-1632) Users must restart the racoon daemon for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id60585
    published2012-08-01
    reporterThis script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/60585
    titleScientific Linux Security Update : ipsec-tools on SL5.x i386/x86_64
  • NASL familySuSE Local Security Checks
    NASL idSUSE_NOVELL-IPSEC-TOOLS-6306.NASL
    descriptionThis update of ipsec-tools fixes a crash of racoon in ISAKMP
    last seen2020-06-01
    modified2020-06-02
    plugin id51759
    published2011-01-27
    reporterThis script is Copyright (C) 2011-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/51759
    titleSuSE 10 Security Update : Novell ipsec tools (ZYPP Patch Number 6306)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-785-1.NASL
    descriptionIt was discovered that ipsec-tools did not properly handle certain fragmented packets. A remote attacker could send specially crafted packets to the server and cause a denial of service. (CVE-2009-1574) It was discovered that ipsec-tools did not properly handle memory usage when verifying certificate signatures or processing nat-traversal keep-alive messages. A remote attacker could send specially crafted packets to the server and exhaust available memory, leading to a denial of service. (CVE-2009-1632). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id39353
    published2009-06-10
    reporterUbuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/39353
    titleUbuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : ipsec-tools vulnerabilities (USN-785-1)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_11_0_NOVELL-IPSEC-TOOLS-090616.NASL
    descriptionThis update of ipsec-tools fixes a crash of racoon in ISAKMP
    last seen2020-06-01
    modified2020-06-02
    plugin id40081
    published2009-07-21
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/40081
    titleopenSUSE Security Update : novell-ipsec-tools (novell-ipsec-tools-1007)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_NOVELL-IPSEC-TOOLS-6307.NASL
    descriptionThis update of ipsec-tools fixes a crash of racoon in ISAKMP
    last seen2020-06-01
    modified2020-06-02
    plugin id42025
    published2009-10-06
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/42025
    titleopenSUSE 10 Security Update : novell-ipsec-tools (novell-ipsec-tools-6307)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_IPSEC-TOOLS-6302.NASL
    descriptionThis update of ipsec-tools fixes a crash of racoon in ISAKMP
    last seen2020-06-01
    modified2020-06-02
    plugin id39514
    published2009-06-25
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/39514
    titleopenSUSE 10 Security Update : ipsec-tools (ipsec-tools-6302)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2009-1036.NASL
    descriptionFrom Red Hat Security Advisory 2009:1036 : An updated ipsec-tools package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the Linux kernel and includes racoon, an IKEv1 keying daemon. A denial of service flaw was found in the ipsec-tools racoon daemon. An unauthenticated, remote attacker could trigger a NULL pointer dereference that could cause the racoon daemon to crash. (CVE-2009-1574) Multiple memory leak flaws were found in the ipsec-tools racoon daemon. If a remote attacker is able to make multiple connection attempts to the racoon daemon, it was possible to cause the racoon daemon to consume all available memory. (CVE-2009-1632) Users of ipsec-tools should upgrade to this updated package, which contains backported patches to correct these issues. Users must restart the racoon daemon for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id67859
    published2013-07-12
    reporterThis script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/67859
    titleOracle Linux 5 : ipsec-tools (ELSA-2009-1036)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2009-1036.NASL
    descriptionAn updated ipsec-tools package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the Linux kernel and includes racoon, an IKEv1 keying daemon. A denial of service flaw was found in the ipsec-tools racoon daemon. An unauthenticated, remote attacker could trigger a NULL pointer dereference that could cause the racoon daemon to crash. (CVE-2009-1574) Multiple memory leak flaws were found in the ipsec-tools racoon daemon. If a remote attacker is able to make multiple connection attempts to the racoon daemon, it was possible to cause the racoon daemon to consume all available memory. (CVE-2009-1632) Users of ipsec-tools should upgrade to this updated package, which contains backported patches to correct these issues. Users must restart the racoon daemon for this update to take effect.
    last seen2020-06-01
    modified2020-06-02
    plugin id43749
    published2010-01-06
    reporterThis script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/43749
    titleCentOS 5 : ipsec-tools (CESA-2009:1036)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_IPSEC-TOOLS-6301.NASL
    descriptionThis update of ipsec-tools fixes a crash of racoon in ISAKMP
    last seen2020-06-01
    modified2020-06-02
    plugin id41523
    published2009-09-24
    reporterThis script is Copyright (C) 2009-2019 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/41523
    titleSuSE 10 Security Update : ipsec-tools (ZYPP Patch Number 6301)

Oval

accepted2013-04-29T04:20:47.430-04:00
classvulnerability
contributors
  • nameAharon Chernin
    organizationSCAP.com, LLC
  • nameDragos Prisaca
    organizationG2, Inc.
definition_extensions
  • commentThe operating system installed on the system is Red Hat Enterprise Linux 5
    ovaloval:org.mitre.oval:def:11414
  • commentThe operating system installed on the system is CentOS Linux 5.x
    ovaloval:org.mitre.oval:def:15802
  • commentOracle Linux 5.x
    ovaloval:org.mitre.oval:def:15459
descriptionracoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference.
familyunix
idoval:org.mitre.oval:def:9624
statusaccepted
submitted2010-07-09T03:56:16-04:00
titleracoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference.
version18

Redhat

advisories
rhsa
idRHSA-2009:1036
rpms
  • ipsec-tools-0:0.6.5-13.el5_3.1
  • ipsec-tools-debuginfo-0:0.6.5-13.el5_3.1

References