Executive Summary

Informations
NameCVE-2008-3652First vendor Publication2008-08-12
VendorCveLast vendor Modification2011-03-07

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score7.8Attack RangeNetwork
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3652

CWE : Common Weakness Enumeration

%idName
100 %CWE-399Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:17743
 
Oval ID: oval:org.mitre.oval:def:17743
Title: USN-641-1 -- ipsec-tools vulnerabilities
Description: It was discovered that there were multiple ways to leak memory during the IKE negotiation when handling certain packets.
Family: unix Class: patch
Reference(s): USN-641-1
CVE-2008-3651
CVE-2008-3652
Version: 5
Platform(s): Ubuntu 6.06
Ubuntu 7.04
Ubuntu 7.10
Ubuntu 8.04
Product(s): ipsec-tools
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:10448
 
Oval ID: oval:org.mitre.oval:def:10448
Title: src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
Description: src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
Family: unix Class: vulnerability
Reference(s): CVE-2008-3652
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21819
 
Oval ID: oval:org.mitre.oval:def:21819
Title: ELSA-2008:0849: ipsec-tools security update (Important)
Description: src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
Family: unix Class: patch
Reference(s): ELSA-2008:0849-01
CVE-2008-3651
CVE-2008-3652
Version: 13
Platform(s): Oracle Linux 5
Product(s): ipsec-tools
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29044
 
Oval ID: oval:org.mitre.oval:def:29044
Title: RHSA-2008:0849 -- ipsec-tools security update (Important)
Description: An updated ipsec-tools package that fixes two security issues is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team.
Family: unix Class: patch
Reference(s): RHSA-2008:0849
CESA-2008:0849-CentOS 3
CESA-2008:0849-CentOS 5
CVE-2008-3651
CVE-2008-3652
Version: 2
Platform(s): Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 3
CentOS Linux 5
Product(s): ipsec-tools
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

OpenVAS Exploits

DateDescription
2010-05-12Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2009-11-17Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-13Name : SLES10: Security update for ipsec-tools
File : nvt/sles10_ipsec-tools0.nasl
2009-10-10Name : SLES9: Security update for ipsec-tools
File : nvt/sles9p5037740.nasl
2009-05-20Name : Fedora Core 9 FEDORA-2009-4291 (ipsec-tools)
File : nvt/fcore_2009_4291.nasl
2009-04-09Name : Mandriva Update for ipsec-tools MDVSA-2008:181 (ipsec-tools)
File : nvt/gb_mandriva_MDVSA_2008_181.nasl
2009-03-23Name : Ubuntu Update for ipsec-tools vulnerabilities USN-641-1
File : nvt/gb_ubuntu_USN_641_1.nasl
2009-03-06Name : RedHat Update for ipsec-tools RHSA-2008:0849-01
File : nvt/gb_RHSA-2008_0849-01_ipsec-tools.nasl
2009-02-27Name : CentOS Update for ipsec-tools CESA-2008:0849 centos3 i386
File : nvt/gb_CESA-2008_0849_ipsec-tools_centos3_i386.nasl
2009-02-27Name : CentOS Update for ipsec-tools CESA-2008:0849 centos3 x86_64
File : nvt/gb_CESA-2008_0849_ipsec-tools_centos3_x86_64.nasl
2009-02-18Name : SuSE Security Summary SUSE-SR:2009:004
File : nvt/suse_sr_2009_004.nasl
2009-02-17Name : Fedora Update for ipsec-tools FEDORA-2008-9007
File : nvt/gb_fedora_2008_9007_ipsec-tools_fc9.nasl
2009-02-17Name : Fedora Update for ipsec-tools FEDORA-2008-9016
File : nvt/gb_fedora_2008_9016_ipsec-tools_fc8.nasl
2009-01-26Name : FreeBSD Ports: ipsec-tools
File : nvt/freebsd_ipsec-tools.nasl
2008-12-03Name : Gentoo Security Advisory GLSA 200812-03 (ipsec-tools)
File : nvt/glsa_200812_03.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
47460IPsec-Tools racoon src/racoon/handler.c Orphaned Phase 1 Handle Remote DoS

Nessus® Vulnerability Scanner

DateDescription
2014-11-26Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2009-0010.nasl - Type : ACT_GATHER_INFO
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2008-0849.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing a security update.
File : sl_20080826_ipsec_tools_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-01-04Name : The remote server is affected by a signature validation bypass vulnerability.
File : openssl_0_9_8j.nasl - Type : ACT_GATHER_INFO
2011-01-27Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_novell-ipsec-tools-5888.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12259.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_0_novell-ipsec-tools-081220.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_0_ipsec-tools-080925.nasl - Type : ACT_GATHER_INFO
2009-05-13Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO
2009-05-13Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2009-002.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-181.nasl - Type : ACT_GATHER_INFO
2009-02-13Name : The remote openSUSE host is missing a security update.
File : suse_novell-ipsec-tools-5887.nasl - Type : ACT_GATHER_INFO
2009-01-22Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_abcacb5ae7f111ddafcd00e0815b8da8.nasl - Type : ACT_GATHER_INFO
2008-12-03Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200812-03.nasl - Type : ACT_GATHER_INFO
2008-11-11Name : The remote openSUSE host is missing a security update.
File : suse_ipsec-tools-5630.nasl - Type : ACT_GATHER_INFO
2008-11-11Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_ipsec-tools-5638.nasl - Type : ACT_GATHER_INFO
2008-11-07Name : The remote Fedora host is missing a security update.
File : fedora_2008-9007.nasl - Type : ACT_GATHER_INFO
2008-11-07Name : The remote Fedora host is missing a security update.
File : fedora_2008-9016.nasl - Type : ACT_GATHER_INFO
2008-09-09Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-641-1.nasl - Type : ACT_GATHER_INFO
2008-08-27Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2008-0849.nasl - Type : ACT_GATHER_INFO
2008-08-27Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2008-0849.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
APPLEhttp://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
BIDhttp://www.securityfocus.com/bid/30657
CERThttp://www.us-cert.gov/cas/techalerts/TA09-133A.html
CONFIRMhttp://support.apple.com/kb/HT3549
http://support.apple.com/kb/HT3639
GENTOOhttp://security.gentoo.org/glsa/glsa-200812-03.xml
MANDRIVAhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:181
MLISThttp://sourceforge.net/mailarchive/forum.php?thread_name=48a0c7a0.qPeWZAE0PY8...
REDHAThttp://www.redhat.com/support/errata/RHSA-2008-0849.html
SECTRACKhttp://www.securitytracker.com/id?1020692
SECUNIAhttp://secunia.com/advisories/31478
http://secunia.com/advisories/31624
http://secunia.com/advisories/32759
http://secunia.com/advisories/32971
http://secunia.com/advisories/35074
SUSEhttp://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
UBUNTUhttp://www.ubuntu.com/usn/usn-641-1
VUPENhttp://www.vupen.com/english/advisories/2008/2378
http://www.vupen.com/english/advisories/2008/2844
http://www.vupen.com/english/advisories/2009/1297
http://www.vupen.com/english/advisories/2009/1621
XFhttp://xforce.iss.net/xforce/xfdb/44424

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2014-11-27 13:27:22
  • Multiple Updates
2014-02-17 10:46:06
  • Multiple Updates
2013-05-11 00:23:35
  • Multiple Updates