Bug#: 84479
Status: RESOLVED
Resolution: FIXED
Assigned To: Gentoo Security <security@gentoo.org>
Reporter: Thierry Carrez (RETIRED) <koon@gentoo.org>

Attachment: patch-isakmp.c (type: patch, 714 bytes), created by Thierry Carrez (RETIRED), 2005-03-08 01:32 0000


Description:   Opened: 2005-03-08 01:29 0000
There is a validation problem in isakmp_parsewoh(). The exploit may not be able
to do something else than a malloc error, or, in the worst case, a racoon
crash, and it's not sure this could be done without appropriate credentials.

------- Comment #1 From Thierry Carrez (RETIRED) 2005-03-08 01:32:09 0000 -------
Created an attachment (id=52903)
patch-isakmp.c

Patch from Yvan VANHULLEBUS.
Discovery credits go to Sebastian Krahmer (SuSE)

------- Comment #2 From Thierry Carrez (RETIRED) 2005-03-14 07:34:45 0000 -------
Patch is now public @
http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp.c?r1=1.32.2.1&r2=1.32.2.2
"Fixed a buffer underrun (CAN-2005-0398)"

latexer, plasmaroo: please bump ipsec-tools with patch.

------- Comment #3 From Peter Johanson (RETIRED) 2005-03-14 11:09:37 0000 -------
Koon, I've just committed 0.4-r1 and 0.5-r1 with the changes. Since 0.4 has been
in portage for a while, I suggest we target 0.4-r1 for stabilization in the
next few days so we can have a stable fixed version.

------- Comment #4 From Thierry Carrez (RETIRED) 2005-03-15 01:04:02 0000 -------
*** Bug 85307 has been marked as a duplicate of this bug. ***

------- Comment #5 From Thierry Carrez (RETIRED) 2005-03-15 01:06:23 0000 -------
Arches, please test and mark ipsec-tools-0.4-r1 stable

------- Comment #6 From Thierry Carrez (RETIRED) 2005-03-20 06:39:21 0000 -------
Kugelfang, plasmaroo, weeve: you marked it stable last time, do you think you
can test and mark this one stable as well?

------- Comment #7 From Jan Brinkmann (RETIRED) 2005-03-20 07:07:23 0000 -------
stable on amd64

------- Comment #8 From Jason Wever (RETIRED) 2005-03-20 08:53:42 0000 -------
SPARCtastic.

------- Comment #9 From Thierry Carrez (RETIRED) 2005-03-23 06:52:23 0000 -------
x86/latexer/plasmaroo: please test and mark ipsec-tools-0.4-r1 stable on x86 if
you can.

------- Comment #10 From Peter Johanson (RETIRED) 2005-03-23 07:03:01 0000 -------
Marked stable on x86.

------- Comment #11 From Thierry Carrez (RETIRED) 2005-03-23 07:21:18 0000 -------
Thx Peter
Security: GLSA vote needed, a vote YES

------- Comment #12 From Sune Kloppenborg Jeppesen 2005-03-23 08:04:11 0000 -------
Pre-authentication remote crash -> I vote YES.

------- Comment #13 From Matthias Geerdsen 2005-03-25 10:26:35 0000 -------
GLSA 200503-33

thanks everyone
