Rapid7 Vulnerability & Exploit Database

CESA-2005:232: ipsec-tools security update

Back to Search

CESA-2005:232: ipsec-tools security update

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
03/14/2005
Created
07/25/2018
Added
03/12/2010
Modified
07/04/2017

Description

An updated ipsec-tools package that fixes a bug in parsing of ISAKMP headers is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team.

The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel. The ipsec-tools package includes: - setkey, a program to directly manipulate policies and SAs - racoon, an IKEv1 keying daemon A bug was found in the way the racoon daemon handled incoming ISAKMP requests. It is possible that an attacker could crash the racoon daemon by sending a specially crafted ISAKMP packet. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0398 to this issue. Additionally, the following issues have been fixed: - racoon mishandled restarts in the presence of stale administration sockets. - on CentOS Linux 4, racoon and setkey did not properly set up forward policies, which prevented tunnels from working. Users of ipsec-tools should upgrade to this updated package, which contains backported patches, and is not vulnerable to these issues.

Solution(s)

  • centos-upgrade-ipsec-tools

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;