ipsec-tools security update

Related Vulnerabilities: CVE-2005-0398  

Synopsis

ipsec-tools security update

Type/Severity

Security Advisory: Moderate

Topic

An updated ipsec-tools package that fixes a bug in parsing of ISAKMP headers
is now available.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

The ipsec-tools package is used in conjunction with the IPsec functionality
in the Linux kernel. The ipsec-tools package includes:

  • setkey, a program to directly manipulate policies and SAs
  • racoon, an IKEv1 keying daemon

A bug was found in the way the racoon daemon handled incoming ISAKMP
requests. It is possible that an attacker could crash the racoon daemon by
sending a specially crafted ISAKMP packet. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0398 to
this issue.

Additionally, the following issues have been fixed:

  • racoon mishandled restarts in the presence of stale administration sockets.
  • On Red Hat Enterprise Linux 4, racoon and setkey did not properly set up
    forward policies, which prevented tunnels from working.

Users of ipsec-tools should upgrade to this updated package, which contains
backported patches, and is not vulnerable to these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Server 3 x86_64
  • Red Hat Enterprise Linux Server 3 ia64
  • Red Hat Enterprise Linux Server 3 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Workstation 3 x86_64
  • Red Hat Enterprise Linux Workstation 3 ia64
  • Red Hat Enterprise Linux Workstation 3 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux Desktop 3 x86_64
  • Red Hat Enterprise Linux Desktop 3 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for IBM z Systems 3 s390x
  • Red Hat Enterprise Linux for IBM z Systems 3 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux for Power, big endian 3 ppc

Fixes

  • BZ - 145531 - CAN-2005-0398 racoon DoS
  • BZ - 145535 - CAN-2005-0398 racoon DoS
  • BZ - 148950 - racoon unable to start with stale socket /tmp/.racoon
  • BZ - 150179 - ipsec/racoon/setkey does not properly forward packets to vpn peer
