Test ID:	1.3.6.1.4.1.25623.1.0.58350
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-1299-1)
Summary:	The remote host is missing an update for the Debian 'ipsec-tools' package(s) announced via the DSA-1299-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'ipsec-tools' package(s) announced via the DSA-1299-1 advisory. Vulnerability Insight: It was discovered that a specially-crafted packet sent to the racoon ipsec key exchange server could cause a tunnel to crash, resulting in a denial of service. The oldstable distribution (sarge) isn't affected by this problem. For the stable distribution (etch) this problem has been fixed in version 1:0.6.6-3.1. The unstable distribution (sid) will be fixed soon. We recommend that you upgrade your racoon package. Affected Software/OS: 'ipsec-tools' package(s) on Debian 4. Solution: Please install the updated package(s). CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-1841 BugTraq ID: 23394 http://www.securityfocus.com/bid/23394 Debian Security Information: DSA-1299 (Google Search) http://www.debian.org/security/2007/dsa-1299 http://security.gentoo.org/glsa/glsa-200705-09.xml http://www.mandriva.com/security/advisories?name=MDKSA-2007:084 http://sourceforge.net/mailarchive/message.php?msg_name=20070406123739.GA1546%40zen.inc https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10504 RedHat Security Advisories: RHSA-2007:0342 https://rhn.redhat.com/errata/RHSA-2007-0342.html http://www.securitytracker.com/id?1018086 http://secunia.com/advisories/24815 http://secunia.com/advisories/24826 http://secunia.com/advisories/24833 http://secunia.com/advisories/25072 http://secunia.com/advisories/25142 http://secunia.com/advisories/25322 http://secunia.com/advisories/25560 SuSE Security Announcement: SUSE-SR:2007:008 (Google Search) http://www.novell.com/linux/security/advisories/2007_8_sr.html http://www.ubuntu.com/usn/usn-450-1 http://www.vupen.com/english/advisories/2007/1310 XForce ISS Database: ipsectools-isakmpinforecv-dos(33541) https://exchange.xforce.ibmcloud.com/vulnerabilities/33541
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.