Executive Summary

Informations
NameCVE-2008-3652First vendor Publication2008-08-12
VendorCveLast vendor Modification2011-03-07

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score7.8Attack RangeNetwork
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3652

CWE : Common Weakness Enumeration

idName
CWE-399Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:10448
 
Oval ID: oval:org.mitre.oval:def:10448
Title: src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
Description: src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
Family: unix Class: vulnerability
Reference(s): CVE-2008-3652
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21819
 
Oval ID: oval:org.mitre.oval:def:21819
Title: ELSA-2008:0849: ipsec-tools security update (Important)
Description: src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
Family: unix Class: patch
Reference(s): ELSA-2008:0849-01
CVE-2008-3651
CVE-2008-3652
Version: 10
Platform(s): Oracle Linux 3
Oracle Linux 4
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1

OpenVAS Exploits

DateDescription
2010-05-12Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2009-11-17Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-13Name : SLES10: Security update for ipsec-tools
File : nvt/sles10_ipsec-tools0.nasl
2009-10-10Name : SLES9: Security update for ipsec-tools
File : nvt/sles9p5037740.nasl
2009-05-20Name : Fedora Core 9 FEDORA-2009-4291 (ipsec-tools)
File : nvt/fcore_2009_4291.nasl
2009-04-09Name : Mandriva Update for ipsec-tools MDVSA-2008:181 (ipsec-tools)
File : nvt/gb_mandriva_MDVSA_2008_181.nasl
2009-03-23Name : Ubuntu Update for ipsec-tools vulnerabilities USN-641-1
File : nvt/gb_ubuntu_USN_641_1.nasl
2009-03-06Name : RedHat Update for ipsec-tools RHSA-2008:0849-01
File : nvt/gb_RHSA-2008_0849-01_ipsec-tools.nasl
2009-02-27Name : CentOS Update for ipsec-tools CESA-2008:0849 centos3 i386
File : nvt/gb_CESA-2008_0849_ipsec-tools_centos3_i386.nasl
2009-02-27Name : CentOS Update for ipsec-tools CESA-2008:0849 centos3 x86_64
File : nvt/gb_CESA-2008_0849_ipsec-tools_centos3_x86_64.nasl
2009-02-18Name : SuSE Security Summary SUSE-SR:2009:004
File : nvt/suse_sr_2009_004.nasl
2009-02-17Name : Fedora Update for ipsec-tools FEDORA-2008-9007
File : nvt/gb_fedora_2008_9007_ipsec-tools_fc9.nasl
2009-02-17Name : Fedora Update for ipsec-tools FEDORA-2008-9016
File : nvt/gb_fedora_2008_9016_ipsec-tools_fc8.nasl
2009-01-26Name : FreeBSD Ports: ipsec-tools
File : nvt/freebsd_ipsec-tools.nasl
2008-12-03Name : Gentoo Security Advisory GLSA 200812-03 (ipsec-tools)
File : nvt/glsa_200812_03.nasl

Open Source Vulnerability Database (OSVDB)

idDescription
47460IPsec-Tools racoon src/racoon/handler.c Orphaned Phase 1 Handle Remote DoS

Nessus® Vulnerability Scanner

DateDescription
2013-07-12Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2008-0849.nasl - Type : ACT_GATHER_INFO
2012-08-01Name : The remote Scientific Linux host is missing a security update.
File : sl_20080826_ipsec_tools_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2012-01-04Name : The remote server is affected by a signature validation bypass vulnerability.
File : openssl_0_9_8j.nasl - Type : ACT_GATHER_INFO
2011-01-27Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_novell-ipsec-tools-5888.nasl - Type : ACT_GATHER_INFO
2009-09-24Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12259.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote SuSE system is missing a security patch for novell-ipsec-tools
File : suse_11_0_novell-ipsec-tools-081220.nasl - Type : ACT_GATHER_INFO
2009-07-21Name : The remote SuSE system is missing a security patch for ipsec-tools
File : suse_11_0_ipsec-tools-080925.nasl - Type : ACT_GATHER_INFO
2009-05-13Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO
2009-05-13Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2009-002.nasl - Type : ACT_GATHER_INFO
2009-04-23Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2008-181.nasl - Type : ACT_GATHER_INFO
2009-02-13Name : The remote SuSE system is missing the security patch novell-ipsec-tools-5887
File : suse_novell-ipsec-tools-5887.nasl - Type : ACT_GATHER_INFO
2009-01-22Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_abcacb5ae7f111ddafcd00e0815b8da8.nasl - Type : ACT_GATHER_INFO
2008-12-03Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200812-03.nasl - Type : ACT_GATHER_INFO
2008-11-11Name : The remote SuSE system is missing the security patch ipsec-tools-5630
File : suse_ipsec-tools-5630.nasl - Type : ACT_GATHER_INFO
2008-11-11Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_ipsec-tools-5638.nasl - Type : ACT_GATHER_INFO
2008-11-07Name : The remote Fedora host is missing a security update.
File : fedora_2008-9007.nasl - Type : ACT_GATHER_INFO
2008-11-07Name : The remote Fedora host is missing a security update.
File : fedora_2008-9016.nasl - Type : ACT_GATHER_INFO
2008-09-09Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-641-1.nasl - Type : ACT_GATHER_INFO
2008-08-27Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2008-0849.nasl - Type : ACT_GATHER_INFO
2008-08-27Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2008-0849.nasl - Type : ACT_GATHER_INFO

Internal Sources (Detail)

SourceUrl
APPLEhttp://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
BIDhttp://www.securityfocus.com/bid/30657
CERThttp://www.us-cert.gov/cas/techalerts/TA09-133A.html
CONFIRMhttp://support.apple.com/kb/HT3549
http://support.apple.com/kb/HT3639
GENTOOhttp://security.gentoo.org/glsa/glsa-200812-03.xml
MANDRIVAhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:181
MLISThttp://sourceforge.net/mailarchive/forum.php?thread_name=48a0c7a0.qPeWZAE0PY8...
REDHAThttp://www.redhat.com/support/errata/RHSA-2008-0849.html
SECTRACKhttp://www.securitytracker.com/id?1020692
SECUNIAhttp://secunia.com/advisories/31478
http://secunia.com/advisories/31624
http://secunia.com/advisories/32759
http://secunia.com/advisories/32971
http://secunia.com/advisories/35074
SUSEhttp://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
UBUNTUhttp://www.ubuntu.com/usn/usn-641-1
VUPENhttp://www.vupen.com/english/advisories/2008/2378
http://www.vupen.com/english/advisories/2008/2844
http://www.vupen.com/english/advisories/2009/1297
http://www.vupen.com/english/advisories/2009/1621
XFhttp://xforce.iss.net/xforce/xfdb/44424

Alert History

If you want to see full details history, please login or register.
0
1
DateInformations
2014-02-17 10:46:06
  • Multiple Updates
2013-05-11 00:23:35
  • Multiple Updates