Test Kennung:	1.3.6.1.4.1.25623.1.0.64135
Kategorie:	Mandrake Local Security Checks
Titel:	Mandrake Security Advisory MDVSA-2009:112 (ipsec-tools)
Zusammenfassung:	The remote host is missing an update to ipsec-tools;announced via advisory MDVSA-2009:112.
Beschreibung:	Summary: The remote host is missing an update to ipsec-tools announced via advisory MDVSA-2009:112. Vulnerability Insight: racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference (CVE-2009-1574). Updated packages are available that brings ipsec-tools to version 0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous bugfixes over the previous 0.7.1 version, and also corrects this issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been patched to address this issue. Additionally the flex package required for building ipsec-tools has been fixed due to ipsec-tools build problems and is also available with this update. Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1574 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html BugTraq ID: 34765 http://www.securityfocus.com/bid/34765 Debian Security Information: DSA-1804 (Google Search) http://www.debian.org/security/2009/dsa-1804 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00725.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00746.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00789.html http://security.gentoo.org/glsa/glsa-200905-03.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:112 http://www.openwall.com/lists/oss-security/2009/04/29/6 http://www.openwall.com/lists/oss-security/2009/05/04/3 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9624 http://www.redhat.com/support/errata/RHSA-2009-1036.html http://secunia.com/advisories/35113 http://secunia.com/advisories/35153 http://secunia.com/advisories/35159 http://secunia.com/advisories/35212 http://secunia.com/advisories/35404 http://secunia.com/advisories/35685 SuSE Security Announcement: SUSE-SR:2009:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://www.ubuntu.com/usn/USN-785-1 http://www.vupen.com/english/advisories/2009/3184 XForce ISS Database: ipsectools-isakmpfrag-dos(50412) https://exchange.xforce.ibmcloud.com/vulnerabilities/50412
Copyright	Copyright (C) 2009 E-Soft Inc.

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.