IPSec Tools: Denial of Service
Gentoo Linux Security Advisory
||GLSA 200905-03 / ipsec-tools
||May 24, 2009
||May 24, 2009: 01
All supported architectures
Multiple errors in the IPSec Tools racoon daemon might allow remote
attackers to cause a Denial of Service.
The IPSec Tools are a port of KAME's IPsec utilities to the Linux-2.6
IPsec implementation. They include racoon, an Internet Key Exchange
daemon for automatically keying IPsec connections.
The following vulnerabilities have been found in the racoon daemon as
shipped with IPSec Tools:
- Neil Kettle reported that
racoon/isakmp_frag.c is prone to a null-pointer dereference
- Multiple memory leaks exist in (1) the
eay_check_x509sign() function in racoon/crypto_openssl.c and (2)
A remote attacker could send specially crafted fragmented ISAKMP
packets without a payload or exploit vectors related to X.509
certificate authentication and NAT traversal, possibly resulting in a
crash of the racoon daemon.
There is no known workaround at this time.
All IPSec Tools users should upgrade to the latest version:
Code Listing 3.1: Resolution
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/ipsec-tools-0.7.2"