| Description: | Summary:
The remote host is missing an update for the Debian 'ipsec-tools' package(s) announced via the DSA-1804-1 advisory.
Vulnerability Insight:
Several remote vulnerabilities have been discovered in racoon, the Internet Key Exchange daemon of ipsec-tools. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2009-1574
Neil Kettle discovered a NULL pointer dereference on crafted fragmented packets that contain no payload. This results in the daemon crashing which can be used for denial of service attacks.
CVE-2009-1632
Various memory leaks in the X.509 certificate authentication handling and the NAT-Traversal keepalive implementation can result in memory exhaustion and thus denial of service.
For the oldstable distribution (etch), this problem has been fixed in version 0.6.6-3.1etch3.
For the stable distribution (lenny), this problem has been fixed in version 0.7.1-1.3+lenny2.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in version 1:0.7.1-1.5.
We recommend that you upgrade your ipsec-tools packages.
Affected Software/OS:
'ipsec-tools' package(s) on Debian 4, Debian 5.
Solution:
Please install the updated package(s).
CVSS Score:
5.0
CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
