ipsec-tools-0.6.5-8.2AXS3
エラータID: AXSA:2009-67:01
リリース日:
2009/06/18 Thursday - 14:41
題名:
ipsec-tools-0.6.5-8.2AXS3
影響のあるチャネル:
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- ipsec-tools の racoon/isakmp_frag.c には巧妙に作られたペイロードのないフラグメント化したパケットによって、リモートの攻撃者がサービス拒否 (クラッシュ) を引き起こす脆弱性があります。(CVE-2009-1574)
- ipsec-tools には複数のメモリリークが存在し、リモートの攻撃者がサービス拒否 (メモリ消費) を引き起こす脆弱性があります。(CVE-2009-1632)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2009-1574
racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference.
racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference.
CVE-2009-1632
Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c.
Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c.
追加情報:
N/A
ダウンロード:
SRPMS
- ipsec-tools-0.6.5-8.2AXS3.src.rpm
MD5: 62342e4fa2567f6193c70ffaba85789e
SHA-256: e5857361742b56a833b3f3d242cc7d6df57fcefb378b17fcba553244d3d80058
Size: 695.85 kB
Asianux Server 3 for x86
- ipsec-tools-0.6.5-8.2AXS3.i386.rpm
MD5: 310c81ca1dd1d76c3d52226320754236
SHA-256: afbbd96ab1662d7a2a902f561b509241951e9575d314ac61f5faf39220165556
Size: 353.08 kB
Asianux Server 3 for x86_64
- ipsec-tools-0.6.5-8.2AXS3.x86_64.rpm
MD5: 0baa0d8d556f8aec4c6a4b8fa140b0e0
SHA-256: dc990fc2c98e2d8eef09ce0b7418008da8c587443c296735df01d43babc42b45
Size: 365.21 kB