Red Hat Local Security Checks : RedHat Security Advisory RHSA-2007:0342

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58902

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2007:0342

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2007:0342.

The ipsec-tools package is used in conjunction with the IPsec functionality
in the linux kernel and includes racoon, an IKEv1 keying daemon.

A denial of service flaw was found in the ipsec-tools racoon daemon. It was
possible for a remote attacker, with knowledge of an existing ipsec tunnel,
to terminate the ipsec connection between two machines. (CVE-2007-1841)

Users of ipsec-tools should upgrade to these updated packages, which
contain a backported patch that resolves this issue.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0342.html
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : Medium

CVSS Score:
4.3

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-1841
BugTraq ID: 23394
http://www.securityfocus.com/bid/23394
Debian Security Information: DSA-1299 (Google Search)
http://www.debian.org/security/2007/dsa-1299
http://security.gentoo.org/glsa/glsa-200705-09.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2007:084
http://sourceforge.net/mailarchive/message.php?msg_name=20070406123739.GA1546%40zen.inc
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10504
RedHat Security Advisories: RHSA-2007:0342
https://rhn.redhat.com/errata/RHSA-2007-0342.html
http://www.securitytracker.com/id?1018086
http://secunia.com/advisories/24815
http://secunia.com/advisories/24826
http://secunia.com/advisories/24833
http://secunia.com/advisories/25072
http://secunia.com/advisories/25142
http://secunia.com/advisories/25322
http://secunia.com/advisories/25560
SuSE Security Announcement: SUSE-SR:2007:008 (Google Search)
http://www.novell.com/linux/security/advisories/2007_8_sr.html
http://www.ubuntu.com/usn/usn-450-1
http://www.vupen.com/english/advisories/2007/1310
XForce ISS Database: ipsectools-isakmpinforecv-dos(33541)
https://exchange.xforce.ibmcloud.com/vulnerabilities/33541

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58902
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0342
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0342. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel and includes racoon, an IKEv1 keying daemon. A denial of service flaw was found in the ipsec-tools racoon daemon. It was possible for a remote attacker, with knowledge of an existing ipsec tunnel, to terminate the ipsec connection between two machines. (CVE-2007-1841) Users of ipsec-tools should upgrade to these updated packages, which contain a backported patch that resolves this issue. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0342.html http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 4.3
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1841 BugTraq ID: 23394 http://www.securityfocus.com/bid/23394 Debian Security Information: DSA-1299 (Google Search) http://www.debian.org/security/2007/dsa-1299 http://security.gentoo.org/glsa/glsa-200705-09.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:084 http://sourceforge.net/mailarchive/message.php?msg_name=20070406123739.GA1546%40zen.inc https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10504 RedHat Security Advisories: RHSA-2007:0342 https://rhn.redhat.com/errata/RHSA-2007-0342.html http://www.securitytracker.com/id?1018086 http://secunia.com/advisories/24815 http://secunia.com/advisories/24826 http://secunia.com/advisories/24833 http://secunia.com/advisories/25072 http://secunia.com/advisories/25142 http://secunia.com/advisories/25322 http://secunia.com/advisories/25560 SuSE Security Announcement: SUSE-SR:2007:008 (Google Search) http://www.novell.com/linux/security/advisories/2007_8_sr.html http://www.ubuntu.com/usn/usn-450-1 http://www.vupen.com/english/advisories/2007/1310 XForce ISS Database: ipsectools-isakmpinforecv-dos(33541) https://exchange.xforce.ibmcloud.com/vulnerabilities/33541
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com