ipsec-tools-0.6.5-8.1AXS3
エラータID: AXSA:2008-273:01
Release date:
Wednesday, October 8, 2008 - 21:06
Subject:
ipsec-tools-0.6.5-8.1AXS3
Affected Channels:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Asianux Server 3 for ppc
Asianux Server 3 for ia64
Severity:
High
Description:
The ipsec-tools package is used in conjunction with the IPsec functionality in the Linux kernel and includes racoon, an IKEv1 keying daemon.
CVE-2008-3651:
Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals.
CVE-2008-3652:
src/racoon/handler.c in racoon in ipsec-tools does not remove an orphaned ph1 (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
Solution:
Update packages
CVEs:
CVE-2008-3651
Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals.
Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals.
CVE-2008-3652
src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
Additional Info:
N/A
Download:
Asianux Server 3 for x86
- ipsec-tools-0.6.5-8.1AXS3.i386.rpm
MD5: ab58d783f4513620df5e621fbc49acab
SHA-256: 57a9ffc338a90cefd333ce9f1204bba63dc1d1a6af381aa4dc8ab15873435ce8
Size: 351.24 kB
Asianux Server 3 for x86_64
- ipsec-tools-0.6.5-8.1AXS3.x86_64.rpm
MD5: 54154130ed99c7fff8c231ae153ae6e8
SHA-256: 1680981c19421e2e4d2dc401eb94a6dba405eea2d57cd78b6c9876c97c4564b6
Size: 363.73 kB