Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 550082 - ipsec-tools-0.8.2 gssapi vulnerability
Summary: ipsec-tools-0.8.2 gssapi vulnerability
Status: RESOLVED DUPLICATE of bug 550118
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: Normal normal (vote)
Assignee: Gentoo Security
Depends on:
Reported: 2015-05-21 22:06 UTC by MickKi
Modified: 2015-05-22 08:06 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description MickKi 2015-05-21 22:06:35 UTC
There is a null dereference crash in racoon's gssapi.c. which causes DoS on the IKE mechanism.

It requires USE="kerberos" which may not be in wide spread use.  

Reproducible: Always

Exploit and details here:

Patch posted here:

Comment 1 Agostino Sarubbo gentoo-dev 2015-05-22 08:06:03 UTC

*** This bug has been marked as a duplicate of bug 550118 ***