ipsec-tools is based on this KAME implementation, so I'm not sure if this bug has been inherited or not :/ seeing the redhat response (see link), it might be vulnerable.

K-OTik Security Advisory : KOTIK/ADV-2005-0264
CVE Reference : CAN-2005-0398
Rated as : Moderate
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-03-15

* Technical Description *

A new vulnerability was identified in KAME Racoon, which may be exploited by attackers to conduct Denial of Service attacks. The flaw occurs when handling specially crafted ISAKMP Packet Headers, which may be exploited to crash the application.

* Affected Products *

KAME Racoon version 20050307 and prior

* Solution *

ftp://ftp.kame.net/pub/mail-list/snap-users/8973

* References *

http://www.k-otik.com/english/advisories/2005/0264
https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966&action=view

* Credits *

Vulnerability reported by Sebastian Krahmer
actual bug on redhat bugzilla: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=145531
*** This bug has been marked as a duplicate of 84479 ***