IPsec-Tools: racoon Denial of Service
Gentoo Linux Security Advisory
||GLSA 200503-33 / IPsec-Tools
||March 25, 2005
||March 25, 2005: 01
All supported architectures
IPsec-Tools' racoon is affected by a remote Denial of Service vulnerability.
IPsec-Tools is a port of KAME's implementation of the IPsec
utilities. It contains a collection of network monitoring tools,
including racoon, ping, and ping6.
Sebastian Krahmer has reported a potential remote Denial of
Service vulnerability in the ISAKMP header parsing code of racoon.
An attacker could possibly cause a Denial of Service of racoon
using a specially crafted ISAKMP packet.
There is no known workaround at this time.
All IPsec-Tools users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/ipsec-tools-0.4-r1"