Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 84479 - net-firewall/ipsec-tools: racoon remote DoS
Summary: net-firewall/ipsec-tools: racoon remote DoS
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: High minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa+]
Keywords:
: 85307 (view as bug list)
Depends on:
Blocks:
 
Reported: 2005-03-08 01:29 UTC by Thierry Carrez (RETIRED)
Modified: 2005-03-25 10:26 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
patch-isakmp.c (patch-isakmp.c,714 bytes, patch)
2005-03-08 01:32 UTC, Thierry Carrez (RETIRED)
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Thierry Carrez (RETIRED) gentoo-dev 2005-03-08 01:29:56 UTC
There is a validation problem in isakmp_parsewoh(). The exploit may not be able to do something else than a malloc error, or, in the worst case, a racoon crash, and it's not sure this could be done without appropriate credentials.
Comment 1 Thierry Carrez (RETIRED) gentoo-dev 2005-03-08 01:32:09 UTC
Created attachment 52903 [details, diff]
patch-isakmp.c

Patch from Yvan VANHULLEBUS.
Discovery credits go to Sebastian Krahmer (SuSE)
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2005-03-14 07:34:45 UTC
Patch is now public @
http://cvs.sourceforge.net/viewcvs.py/ipsec-tools/ipsec-tools/src/racoon/isakmp.c?r1=1.32.2.1&r2=1.32.2.2
"Fixed a buffer underrun (CAN-2005-0398)"

latexer, plasmaroo: please bump ipsec-tools with patch.
Comment 3 Peter Johanson (RETIRED) gentoo-dev 2005-03-14 11:09:37 UTC
Koon, I've just commited 0.4-r1 and 0.5-r1 with the changes. Since 0.4 has been in portage for a while, I suggest we target 0.4-r1 for stabalization in the next few days so we can have a stable fixed version.
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2005-03-15 01:04:02 UTC
*** Bug 85307 has been marked as a duplicate of this bug. ***
Comment 5 Thierry Carrez (RETIRED) gentoo-dev 2005-03-15 01:06:23 UTC
Arches, please test and mark ipsec-tools-0.4-r1 stable
Comment 6 Thierry Carrez (RETIRED) gentoo-dev 2005-03-20 06:39:21 UTC
Kugelfang, plasmaroo, weeve: you marked it stable last time, do you think you can test and mark this one stable as well ?
Comment 7 Jan Brinkmann (RETIRED) gentoo-dev 2005-03-20 07:07:23 UTC
stable on amd64
Comment 8 Jason Wever (RETIRED) gentoo-dev 2005-03-20 08:53:42 UTC
SPARCtastic.
Comment 9 Thierry Carrez (RETIRED) gentoo-dev 2005-03-23 06:52:23 UTC
x86/latexer/plasmaroo: please test and mark ipsec-tools-0.4-r1 stable on x86 if you can.
Comment 10 Peter Johanson (RETIRED) gentoo-dev 2005-03-23 07:03:01 UTC
Marked stable on x86.
Comment 11 Thierry Carrez (RETIRED) gentoo-dev 2005-03-23 07:21:18 UTC
Thx Peter
Security: GLSA vote needed, a vote YES
Comment 12 Sune Kloppenborg Jeppesen gentoo-dev 2005-03-23 08:04:11 UTC
Pre-authentication remote crash -> I vote YES.
Comment 13 Matthias Geerdsen (RETIRED) gentoo-dev 2005-03-25 10:26:35 UTC
GLSA 200503-33

thanks everyone