Test ID:	1.3.6.1.4.1.25623.1.0.53988
Category:	Conectiva Local Security Checks
Title:	Conectiva Security Advisory CLA-2005:971 (ipsec-tools)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory CLA-2005:971. This installed version is vulnerable to a denial of service vulnerability, as well as allowing unauthorized users to connect and or to perform man-in-the-middle attacks as a result of incomplete certificate validation. Solution: Perform the necessary upgrades (including making sure you are running the latest kernel.) http://ipsec-tools.sf.net http://bugzilla.conectiva.com.br/show_bug.cgi?id=13032 http://bugzilla.conectiva.com.br/show_bug.cgi?id=13033 http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000971 Risk factor : High CVSS Score: 7.5
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2005-0398 1013433 http://securitytracker.com/id?1013433 12804 http://www.securityfocus.com/bid/12804 14584 http://secunia.com/advisories/14584 ADV-2005-0264 http://www.vupen.com/english/advisories/2005/0264 GLSA-200503-33 http://security.gentoo.org/glsa/glsa-200503-33.xml MDKSA-2005:062 http://www.mandriva.com/security/advisories?name=MDKSA-2005:062 RHSA-2005:232 http://www.redhat.com/support/errata/RHSA-2005-232.html [ipsec-tools-devel] 20050312 potential remote crash in racoon http://sourceforge.net/mailarchive/forum.php?thread_id=6787713&forum_id=32000 https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966&action=view oval:org.mitre.oval:def:10028 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10028 racoon-isakmp-header-dos(19707) https://exchange.xforce.ibmcloud.com/vulnerabilities/19707 Common Vulnerability Exposure (CVE) ID: CVE-2004-0155 http://marc.info/?l=bugtraq&m=108369640424244&w=2 BugTraq ID: 10072 http://www.securityfocus.com/bid/10072 Bugtraq: 20040407 CAN-2004-0155: The KAME IKE Daemon Racoon does not verify RSA Signatures during Phase 1, allows man-in-the-middle attacks and unauthorized connections (Google Search) http://marc.info/?l=bugtraq&m=108136746911000&w=2 CERT/CC vulnerability note: VU#552398 http://www.kb.cert.org/vuls/id/552398 http://www.gentoo.org/security/en/glsa/glsa-200406-17.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:027 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9291 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A945 http://www.redhat.com/support/errata/RHSA-2004-165.html SCO Security Bulletin: SCOSA-2005.10 ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.10/SCOSA-2005.10.txt http://secunia.com/advisories/11328
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.