Executive Summary
Summary | |
---|---|
Title | ipsec-tools security update |
Informations | |||
---|---|---|---|
Name | RHSA-2008:0849 | First vendor Publication | 2008-08-26 |
Vendor | RedHat | Last vendor Modification | 2008-08-26 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.8 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: An updated ipsec-tools package that fixes two security issues is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64 Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64 3. Description: The ipsec-tools package is used in conjunction with the IPsec functionality in the Linux kernel and includes racoon, an IKEv1 keying daemon. Two denial of service flaws were found in the ipsec-tools racoon daemon. It was possible for a remote attacker to cause the racoon daemon to consume all available memory. (CVE-2008-3651, CVE-2008-3652) Users of ipsec-tools should upgrade to this updated package, which contains backported patches that resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/FAQ_58_10188 5. Bugs fixed (http://bugzilla.redhat.com/): 456660 - CVE-2008-3651 ipsec-tools: racoon memory leak caused by invalid proposals 458846 - CVE-2008-3652 ipsec-tools: racoon orphaned ph1s memory leak |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2008-0849.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-399 | Resource Management Errors |
50 % | CWE-200 | Information Exposure |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10448 | |||
Oval ID: | oval:org.mitre.oval:def:10448 | ||
Title: | src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption). | ||
Description: | src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption). | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3652 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10453 | |||
Oval ID: | oval:org.mitre.oval:def:10453 | ||
Title: | Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals. | ||
Description: | Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2008-3651 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:17743 | |||
Oval ID: | oval:org.mitre.oval:def:17743 | ||
Title: | USN-641-1 -- ipsec-tools vulnerabilities | ||
Description: | It was discovered that there were multiple ways to leak memory during the IKE negotiation when handling certain packets. | ||
Family: | unix | Class: | patch |
Reference(s): | USN-641-1 CVE-2008-3651 CVE-2008-3652 | Version: | 5 |
Platform(s): | Ubuntu 6.06 Ubuntu 7.04 Ubuntu 7.10 Ubuntu 8.04 | Product(s): | ipsec-tools |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21819 | |||
Oval ID: | oval:org.mitre.oval:def:21819 | ||
Title: | ELSA-2008:0849: ipsec-tools security update (Important) | ||
Description: | src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption). | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2008:0849-01 CVE-2008-3651 CVE-2008-3652 | Version: | 13 |
Platform(s): | Oracle Linux 5 | Product(s): | ipsec-tools |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:29044 | |||
Oval ID: | oval:org.mitre.oval:def:29044 | ||
Title: | RHSA-2008:0849 -- ipsec-tools security update (Important) | ||
Description: | An updated ipsec-tools package that fixes two security issues is now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2008:0849 CESA-2008:0849-CentOS 3 CESA-2008:0849-CentOS 5 CVE-2008-3651 CVE-2008-3652 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 3 CentOS Linux 5 | Product(s): | ipsec-tools |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2010-05-12 | Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002 File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl |
2009-11-17 | Name : Mac OS X Version File : nvt/macosx_version.nasl |
2009-10-13 | Name : SLES10: Security update for ipsec-tools File : nvt/sles10_ipsec-tools0.nasl |
2009-10-10 | Name : SLES9: Security update for ipsec-tools File : nvt/sles9p5037740.nasl |
2009-05-20 | Name : Fedora Core 9 FEDORA-2009-4291 (ipsec-tools) File : nvt/fcore_2009_4291.nasl |
2009-04-09 | Name : Mandriva Update for ipsec-tools MDVSA-2008:181 (ipsec-tools) File : nvt/gb_mandriva_MDVSA_2008_181.nasl |
2009-03-23 | Name : Ubuntu Update for ipsec-tools vulnerabilities USN-641-1 File : nvt/gb_ubuntu_USN_641_1.nasl |
2009-03-06 | Name : RedHat Update for ipsec-tools RHSA-2008:0849-01 File : nvt/gb_RHSA-2008_0849-01_ipsec-tools.nasl |
2009-02-27 | Name : CentOS Update for ipsec-tools CESA-2008:0849 centos3 i386 File : nvt/gb_CESA-2008_0849_ipsec-tools_centos3_i386.nasl |
2009-02-27 | Name : CentOS Update for ipsec-tools CESA-2008:0849 centos3 x86_64 File : nvt/gb_CESA-2008_0849_ipsec-tools_centos3_x86_64.nasl |
2009-02-18 | Name : SuSE Security Summary SUSE-SR:2009:004 File : nvt/suse_sr_2009_004.nasl |
2009-02-17 | Name : Fedora Update for ipsec-tools FEDORA-2008-9007 File : nvt/gb_fedora_2008_9007_ipsec-tools_fc9.nasl |
2009-02-17 | Name : Fedora Update for ipsec-tools FEDORA-2008-9016 File : nvt/gb_fedora_2008_9016_ipsec-tools_fc8.nasl |
2009-01-26 | Name : FreeBSD Ports: ipsec-tools File : nvt/freebsd_ipsec-tools.nasl |
2008-12-03 | Name : Gentoo Security Advisory GLSA 200812-03 (ipsec-tools) File : nvt/glsa_200812_03.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
47460 | IPsec-Tools racoon src/racoon/handler.c Orphaned Phase 1 Handle Remote DoS |
47374 | IPsec-Tools racoon Invalid Proposal Handling Memory Leak Remote DoS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-11-26 | Name : The remote OracleVM host is missing a security update. File : oraclevm_OVMSA-2009-0010.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2008-0849.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing a security update. File : sl_20080826_ipsec_tools_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2011-01-27 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_novell-ipsec-tools-5888.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 9 host is missing a security-related patch. File : suse9_12259.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_novell-ipsec-tools-081220.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_ipsec-tools-080925.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO |
2009-05-13 | Name : The remote host is missing a Mac OS X update that fixes various security issues. File : macosx_SecUpd2009-002.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-181.nasl - Type : ACT_GATHER_INFO |
2009-02-13 | Name : The remote openSUSE host is missing a security update. File : suse_novell-ipsec-tools-5887.nasl - Type : ACT_GATHER_INFO |
2009-01-22 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_abcacb5ae7f111ddafcd00e0815b8da8.nasl - Type : ACT_GATHER_INFO |
2008-12-03 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200812-03.nasl - Type : ACT_GATHER_INFO |
2008-11-11 | Name : The remote openSUSE host is missing a security update. File : suse_ipsec-tools-5630.nasl - Type : ACT_GATHER_INFO |
2008-11-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ipsec-tools-5638.nasl - Type : ACT_GATHER_INFO |
2008-11-07 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9016.nasl - Type : ACT_GATHER_INFO |
2008-11-07 | Name : The remote Fedora host is missing a security update. File : fedora_2008-9007.nasl - Type : ACT_GATHER_INFO |
2008-09-09 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-641-1.nasl - Type : ACT_GATHER_INFO |
2008-08-27 | Name : The remote CentOS host is missing a security update. File : centos_RHSA-2008-0849.nasl - Type : ACT_GATHER_INFO |
2008-08-27 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2008-0849.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:51:56 |
|