174164 – CVE-2005-3732 ipsec-tools IKE DoS

Bug 174164 - CVE-2005-3732 ipsec-tools IKE DoS

Summary: CVE-2005-3732 ipsec-tools IKE DoS

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	ipsec-tools
Sub Component:
Version:	5
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	low
Target Milestone:	---
Assignee:	Harald Hoyer
QA Contact:
Docs Contact:
URL:
Whiteboard:	impact=low,public=20051120,reported=2...
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2005-11-25 12:36 UTC by Mark J. Cox
Modified:	2007-11-30 22:11 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-09-29 10:32:15 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Mark J. Cox 2005-11-25 12:36:07 UTC

Tracking for FC5test1

+++ This bug was initially created as a clone of Bug #173842 +++

ipsec-tools IKE DoS

There is a denial of service bug in racoon which can only be triggered
by having a very weak configuration.

More information is in the message posted to the ipsec-tools mailing 
list:
http://sourceforge.net/mailarchive/forum.php?thread_id=9017454&forum_id=32000

The patch is here:
http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp_agg.c?r1=1.20.2.3&r2=1.20.2.4&diff_format=u


This issue also affects FC3

Comment 1 Rahul Sundaram 2006-02-20 11:09:54 UTC


These bugs are being closed since a large number of updates have been released
after the FC5 test1 and test2 releases. Kindly update your system by running yum
update as root user or try out the third and final test version of FC5 being
released in a short while and verify if the bugs are still present on the system
.Reopen or file new bug reports as appropriate after confirming the presence of
this issue. Thanks

Note You need to log in before you can comment on or make changes to this bug.