Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Gentoo Security Advisory GLSA 200404-17 (ipsec-utils)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
The remote host is missing updates announced in advisory GLSA 200404-17.
Insight
Insight
racoon, which is included in the ipsec-tools and iputils packages in Portage, does not check the length of ISAKMP headers. Attackers may be able to craft an ISAKMP header of sufficient length to consume all available system resoources, causing a Denial of Service.
Solution
Solution
ipsec-tools users should upgrade to version 0.2.5 or later: # emerge sync # emerge -pv '>=net-firewall/ipsec-tools-0.3.1' # emerge '>=net-firewall/ipsec-tools-0.3.1' iputils users should upgrade to version 021109-r3 or later: # emerge sync # emerge -pv '>=net-misc/iputils-021109-r3' # emerge '>=net-misc/iputils-021109-r3' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200404-17 http://bugs.gentoo.org/show_bug.cgi?id=48847 http://ipsec-tools.sourceforge.net/