Executive Summary
Summary | |
---|---|
Title | Updated ipsec-tools package fixes vulnerabilities in ISAKMP daemon |
Informations | |||
---|---|---|---|
Name | RHSA-2004:165 | First vendor Publication | 2004-05-11 |
Vendor | RedHat | Last vendor Modification | 2004-05-11 |
Severity (Vendor) | N/A | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2004-165.html |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:11220 | |||
Oval ID: | oval:org.mitre.oval:def:11220 | ||
Title: | Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field. | ||
Description: | Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0403 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:9291 | |||
Oval ID: | oval:org.mitre.oval:def:9291 | ||
Title: | The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate. | ||
Description: | The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0155 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 | Product(s): | |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:945 | |||
Oval ID: | oval:org.mitre.oval:def:945 | ||
Title: | Racoon IKE Daemon Unauthorized X.509 Certificate Connection Vulnerability | ||
Description: | The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-middle attacks using a valid, trusted X.509 certificate. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0155 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:984 | |||
Oval ID: | oval:org.mitre.oval:def:984 | ||
Title: | Racoon Denial of Service via Large Length Field | ||
Description: | Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2004-0403 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 3 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 5 |
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200404-17 (ipsec-utils) File : nvt/glsa_200404_17.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200406-17 (IPsec-Tools) File : nvt/glsa_200406_17.nasl |
2008-09-04 | Name : FreeBSD Ports: racoon File : nvt/freebsd_racoon0.nasl |
2008-09-04 | Name : FreeBSD Ports: racoon File : nvt/freebsd_racoon2.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
5491 | KAME Racoon ISAKMP Header Length DoS Racoon contains a flaw that may allow a remote denial of service. The issue is triggered when sending a specially crafted ISAKMP packet containing an overly large length field, which causes the ISAKMP message to consume all available system resources, resulting in a loss of availability. |
5008 | KAME Racoon IKE Daemon RSA Signature Verification Failure Multiple IPSec implementations, including KAME, ipsec-tools, and operating systems that include them contain a flaw that may allow a malicious user to make a successful IPSec connection without proper authorization. The issue is triggered when the attacker possesses any valid and trusted X.509 certificate and the server attempts to use RSA signature authentication. While the server does check the validity of the X.509 certificate, it fails to check the RSA signature of that certificate. It is possible that the flaw may allow unauthorized access, resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-04-23 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_d8769838881411d890d10020ed76ef5a.nasl - Type : ACT_GATHER_INFO |
2005-07-13 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_ccd698df8e2011d890d10020ed76ef5a.nasl - Type : ACT_GATHER_INFO |
2004-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200404-17.nasl - Type : ACT_GATHER_INFO |
2004-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200406-17.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-027.nasl - Type : ACT_GATHER_INFO |
2004-07-31 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2004-069.nasl - Type : ACT_GATHER_INFO |
2004-07-23 | Name : The remote Fedora Core host is missing a security update. File : fedora_2004-132.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote host is missing a Mac OS X update that fixes a security issue. File : macosx_SecUpd20040503.nasl - Type : ACT_GATHER_INFO |
2004-07-06 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2004-165.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:48:28 |
|