|Summary:||net-firewall/ipsec-tools: racoon remote DoS|
|Product:||Gentoo Security||Reporter:||Thierry Carrez (RETIRED) <koon>|
|Component:||Vulnerabilities||Assignee:||Gentoo Security <security>|
|Severity:||minor||CC:||kaiowas, latexer, plasmaroo|
|Package list:||Runtime testing required:||---|
Description Thierry Carrez (RETIRED) 2005-03-08 01:29:56 UTC
There is a validation problem in isakmp_parsewoh(). The exploit may not be able to do anything other than cause a malloc error or, in the worst case, a racoon crash, and it is not certain that this could be done without appropriate credentials.
Comment 1 Thierry Carrez (RETIRED) 2005-03-08 01:32:09 UTC
Created attachment 52903 patch-isakmp.c
Patch from Yvan VANHULLEBUS. Discovery credits go to Sebastian Krahmer (SuSE)
Comment 2 Thierry Carrez (RETIRED) 2005-03-14 07:34:45 UTC
Patch is now public @ http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp.c?r1=220.127.116.11&r2=18.104.22.168
"Fixed a buffer underrun (CAN-2005-0398)"
latexer, plasmaroo: please bump ipsec-tools with patch.
Comment 3 Peter Johanson (RETIRED) 2005-03-14 11:09:37 UTC
Koon, I've just committed 0.4-r1 and 0.5-r1 with the changes. Since 0.4 has been in portage for a while, I suggest we target 0.4-r1 for stabilization in the next few days so we can have a stable fixed version.
Comment 4 Thierry Carrez (RETIRED) 2005-03-15 01:04:02 UTC
*** Bug 85307 has been marked as a duplicate of this bug. ***
Comment 5 Thierry Carrez (RETIRED) 2005-03-15 01:06:23 UTC
Arches, please test and mark ipsec-tools-0.4-r1 stable
Comment 6 Thierry Carrez (RETIRED) 2005-03-20 06:39:21 UTC
Kugelfang, plasmaroo, weeve: you marked it stable last time, do you think you can test and mark this one stable as well?
Comment 7 Jan Brinkmann (RETIRED) 2005-03-20 07:07:23 UTC
stable on amd64
Comment 8 Jason Wever (RETIRED) 2005-03-20 08:53:42 UTC
Comment 9 Thierry Carrez (RETIRED) 2005-03-23 06:52:23 UTC
x86/latexer/plasmaroo: please test and mark ipsec-tools-0.4-r1 stable on x86 if you can.
Comment 10 Peter Johanson (RETIRED) 2005-03-23 07:03:01 UTC
Marked stable on x86.
Comment 11 Thierry Carrez (RETIRED) 2005-03-23 07:21:18 UTC
Thx Peter
Security: GLSA vote needed, a vote YES
Comment 12 Sune Kloppenborg Jeppesen 2005-03-23 08:04:11 UTC
Pre-authentication remote crash -> I vote YES.
Comment 13 Matthias Geerdsen (RETIRED) 2005-03-25 10:26:35 UTC
GLSA 200503-33
thanks everyone