Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.51131
Category:Red Hat Local Security Checks
Title:RedHat Security Advisory RHSA-2004:165
Summary:NOSUMMARY
Description:Description:

The remote host is missing updates announced in
advisory RHSA-2004:165.

IPSEC uses strong cryptography to provide both authentication and
encryption services.

With versions of ipsec-tools prior to 0.2.3, it was possible for an
attacker to cause unauthorized deletion of SA (Security Associations.)
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-0164 to this issue.

With versions of ipsec-tools prior to 0.2.5, the RSA signature on x.509
certificates was not properly verified when using certificate based
authentication. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CVE-2004-0155 to this issue.

When ipsec-tools receives an ISAKMP header, it will attempt to allocate
sufficient memory for the entire ISAKMP message according to the header's
length field. If an attacker crafts an ISAKMP header with a extremely large
value in the length field, racoon may exceed operating system resource
limits and be terminated, resulting in a denial of service. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CVE-2004-0403 to this issue.

User of IPSEC should upgrade to this updated package, which contains
ipsec-tools version 0.25 along with a security patch for CVE-2004-0403
which resolves all these issues.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2004-165.html

Risk factor : High

CVSS Score:
7.5

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2004-0155
http://marc.info/?l=bugtraq&m=108369640424244&w=2
BugTraq ID: 10072
http://www.securityfocus.com/bid/10072
Bugtraq: 20040407 CAN-2004-0155: The KAME IKE Daemon Racoon does not verify RSA Signatures during Phase 1, allows man-in-the-middle attacks and unauthorized connections (Google Search)
http://marc.info/?l=bugtraq&m=108136746911000&w=2
CERT/CC vulnerability note: VU#552398
http://www.kb.cert.org/vuls/id/552398
http://www.gentoo.org/security/en/glsa/glsa-200406-17.xml
http://www.mandriva.com/security/advisories?name=MDKSA-2004:027
http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:069
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9291
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A945
http://www.redhat.com/support/errata/RHSA-2004-165.html
SCO Security Bulletin: SCOSA-2005.10
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.10/SCOSA-2005.10.txt
http://secunia.com/advisories/11328
Common Vulnerability Exposure (CVE) ID: CVE-2004-0164
http://lists.apple.com/archives/security-announce/2004/Feb/msg00000.html
BugTraq ID: 9416
http://www.securityfocus.com/bid/9416
BugTraq ID: 9417
http://www.securityfocus.com/bid/9417
Bugtraq: 20040113 unauthorized deletion of IPsec (and ISAKMP) SAs in racoon (Google Search)
http://marc.info/?l=bugtraq&m=107403331309838&w=2
Bugtraq: 20040114 Re: unauthorized deletion of IPsec (and ISAKMP) SAs in racoon (Google Search)
http://marc.info/?l=bugtraq&m=107411758202662&w=2
NETBSD Security Advisory: NetBSD-SA2004-001
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-001.txt.asc
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A947
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9737
XForce ISS Database: openbsd-isakmp-initialcontact-delete-sa(14118)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14118
XForce ISS Database: openbsd-isakmp-invalidspi-delete-sa(14117)
https://exchange.xforce.ibmcloud.com/vulnerabilities/14117
Common Vulnerability Exposure (CVE) ID: CVE-2004-0403
BugTraq ID: 10172
http://www.securityfocus.com/bid/10172
http://security.gentoo.org/glsa/glsa-200404-17.xml
http://www.osvdb.org/5491
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11220
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A984
http://securitytracker.com/id?1009937
http://secunia.com/advisories/11410
http://secunia.com/advisories/11877
SGI Security Advisory: 20040506-01-U
ftp://patches.sgi.com/support/free/security/advisories/20040506-01-U.asc
XForce ISS Database: racoon-isakmp-dos(15893)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15893
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.