aru Posted January 25, 2006 Report Share Posted January 25, 2006 Mandriva Advisories MDKSA-2006:020 : ipsec-tools Updated ipsec-tools packages fix vulnerability January 25th, 2006 The Internet Key Exchange version 1 (IKEv1) implementation (isakmp_agg.c) in ipsec-tools racoon before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service (null dereference and crash) via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. The updated packages have been patched to correct this problem. The released versions of Mandriva GNU/Linux affected are: 10.1 MNF2.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:020 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3732 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts