Test ID:	1.3.6.1.4.1.25623.1.0.61517
Category:	Red Hat Local Security Checks
Title:	RedHat Security Advisory RHSA-2008:0849
Summary:	NOSUMMARY
Description:	Description: The remote host is missing updates announced in advisory RHSA-2008:0849. The ipsec-tools package is used in conjunction with the IPsec functionality in the Linux kernel and includes racoon, an IKEv1 keying daemon. Two denial of service flaws were found in the ipsec-tools racoon daemon. It was possible for a remote attacker to cause the racoon daemon to consume all available memory. (CVE-2008-3651, CVE-2008-3652) Users of ipsec-tools should upgrade to this updated package, which contains backported patches that resolve these issues. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2008-0849.html http://www.redhat.com/security/updates/classification/#important Risk factor : High CVSS Score: 7.8
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-3651 1020667 http://www.securitytracker.com/id?1020667 30657 http://www.securityfocus.com/bid/30657 31450 http://secunia.com/advisories/31450 31624 http://secunia.com/advisories/31624 32759 http://secunia.com/advisories/32759 32971 http://secunia.com/advisories/32971 35074 http://secunia.com/advisories/35074 ADV-2008-2345 http://www.vupen.com/english/advisories/2008/2345 ADV-2008-2844 http://www.vupen.com/english/advisories/2008/2844 ADV-2009-1297 http://www.vupen.com/english/advisories/2009/1297 ADV-2009-1621 http://www.vupen.com/english/advisories/2009/1621 APPLE-SA-2009-05-12 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html APPLE-SA-2009-06-17-1 http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html GLSA-200812-03 http://security.gentoo.org/glsa/glsa-200812-03.xml MDVSA-2008:181 http://www.mandriva.com/security/advisories?name=MDVSA-2008:181 RHSA-2008:0849 http://www.redhat.com/support/errata/RHSA-2008-0849.html SUSE-SR:2008:025 http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html SUSE-SR:2009:004 http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html USN-641-1 http://www.ubuntu.com/usn/usn-641-1 [ipsec-tools-announce] 20080724 Ipsec-tools 0.7.1 released http://sourceforge.net/mailarchive/message.php?msg_name=20080724084529.GA3768%40zen.inc [ipsec-tools-devel] 20080724 Ipsec-tools 0.7.1 released http://marc.info/?l=ipsec-tools-devel&m=121688914101709&w=2 http://sourceforge.net/project/shownotes.php?release_id=615380&group_id=74601 http://support.apple.com/kb/HT3549 http://support.apple.com/kb/HT3639 https://bugzilla.redhat.com/show_bug.cgi?id=456660 ipsectools-racoon-dos(44395) https://exchange.xforce.ibmcloud.com/vulnerabilities/44395 oval:org.mitre.oval:def:10453 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10453 Common Vulnerability Exposure (CVE) ID: CVE-2008-3652 1020692 http://www.securitytracker.com/id?1020692 31478 http://secunia.com/advisories/31478 ADV-2008-2378 http://www.vupen.com/english/advisories/2008/2378 [ipsec-tools-devel] 20080811 [PATCH] Track and delete orphaned ph1s http://sourceforge.net/mailarchive/forum.php?thread_name=48a0c7a0.qPeWZAE0PY8bDDq%2B%25olel%40ans.pl&forum_name=ipsec-tools-devel ipsectools-orphanedph1-dos(44424) https://exchange.xforce.ibmcloud.com/vulnerabilities/44424 oval:org.mitre.oval:def:10448 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10448
Copyright	Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.