Gentoo Bug 267135 - <net-firewall/ipsec-tools-0.7.2 fragmentation remote DoS (CVE-2009-{1574,1632})

Bug List: (This bug is not in your last search results) Show last search results Search page Enter new bug

Bug#:	267135
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	FIXED
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Robert Buchholz <rbu@gentoo.org>
Add CC:
CC:	Remove selected CCs

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 267135 depends on:			Show dependency tree
Bug 267135 blocks:			Show dependency tree

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED FIXED
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2009-04-22 18:57 0000

ipsec tools fixes a "remote crash in fragmentation code"

------- Comment #1 From Daniel Black 2009-04-23 13:35:02 0000 -------

+ipsec-tools-0.7.2.ebuild

------- Comment #2 From Markus Meier 2009-04-23 18:42:41 0000 -------

amd64/x86 stable

------- Comment #3 From Friedrich Oslage 2009-04-26 11:56:51 0000 -------

sparc stable

------- Comment #4 From Brent Baude 2009-04-26 14:10:27 0000 -------

ppc done

------- Comment #5 From Daniel Black 2009-04-29 01:05:54 0000 -------

vote yes for constancy with bug #232831

------- Comment #6 From Alex Legler 2009-05-06 19:03:47 0000 -------

*** Bug 268841 has been marked as a duplicate of this bug. ***

------- Comment #7 From Alex Legler 2009-05-06 19:05:27 0000 -------

Name:      CVE-2009-1574
URL:       http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574

racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote
attackers to cause a denial of service (crash) via crafted fragmented
packets without a payload, which triggers a NULL pointer dereference.

------- Comment #8 From Alex Legler 2009-05-06 19:13:12 0000 -------

Got rid of the two old vulnerable versions.

Voting YES for a GLSA.

------- Comment #9 From Stefan Behte 2009-05-06 21:47:06 0000 -------

Yes, too. Request filed.

------- Comment #10 From Alex Legler 2009-05-15 09:18:54 0000 -------

CVE-2009-1632 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1632):
  Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote
  attackers to cause a denial of service (memory consumption) via
  vectors involving (1) signature verification during user
  authentication with X.509 certificates, related to the
  eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2)
  the NAT-Traversal (aka NAT-T) keepalive implementation, related to
  src/racoon/nattraversal.c.

------- Comment #11 From Alex Legler 2009-05-24 13:28:43 0000 -------

GLSA 200905-03

Bug List: (This bug is not in your last search results) Show last search results Search page Enter new bug

Bugzilla Bug 267135

<net-firewall/ipsec-tools-0.7.2 fragmentation remote DoS (CVE-2009-{1574,1632})

Last modified: 2009-05-24 13:28:43 0000