Advisories:rPSA-2006-0055

From rPath Wiki

rPath Security Advisory 2006-0055-1

Published: 2006-04-28

Products

  • rPath Linux 1

Rating

Minor

Exposure Level Classification

Remote Deterministic Denial of Service

Updated Versions

  • ipsec-tools=conary.rpath.com@rpl:1/0.6.5-1-0.1

rPath Issue Tracking System

References

Description

The Internet Key Exchange version 1 (IKEv1) implementation
(isakmp_agg.c) in racoon in ipsec-tools before 0.6.3, when running
in aggressive mode, allows remote attackers to cause a denial
of service (null dereference and crash) via crafted IKE packets,
as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1.
This attack can be successful only when using aggressive mode,
which is not recommended and is considered to be a less secure
operational mode.
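
A configuration check for the aggressive-mode condition described above, as an added example that is not part of the rPath advisory or of ipsec-tools: it parses racoon.conf text and lists each remote block whose exchange_mode statement permits aggressive mode. The sample configuration is constructed, and the function names are this example's own.

```python
import re

# Constructed sample racoon.conf (not taken from the advisory).
SAMPLE_CONF = """
# phase 1 settings
remote anonymous {
    exchange_mode main,aggressive;   # responder accepts every listed mode
    proposal {
        encryption_algorithm 3des;
        hash_algorithm sha1;
    }
}
remote 192.0.2.10 {
    exchange_mode main;
    # exchange_mode aggressive;  (commented out, must not be flagged)
}
remote 198.51.100.7 [500] {
    exchange_mode aggressive;
}
"""

REMOTE_RE = re.compile(r"\bremote\s+([^{;]+?)\s*\{")
MODE_RE = re.compile(r"\bexchange_mode\s+([^;]+);")

def block_body(text, open_idx):
    """Return the text between the brace at open_idx and its matching close."""
    depth = 0
    for i in range(open_idx, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[open_idx + 1:i]
    raise ValueError("unbalanced braces in remote block")

def aggressive_remotes(conf_text):
    """List (peer, modes) for every remote block that permits aggressive mode."""
    text = re.sub(r"#[^\n]*", "", conf_text)  # drop comments before parsing
    findings = []
    for m in REMOTE_RE.finditer(text):
        body = block_body(text, m.end() - 1)  # includes nested proposal blocks
        for stmt in MODE_RE.finditer(body):
            modes = [x.strip() for x in stmt.group(1).split(",")]
            if "aggressive" in modes:
                findings.append((m.group(1), modes))
    return findings

if __name__ == "__main__":
    for peer, modes in aggressive_remotes(SAMPLE_CONF):
        print(f"remote {peer}: exchange_mode {','.join(modes)}")
```

Remote blocks with no explicit exchange_mode statement are not reported by this check.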

Copyright 2006 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html