Vigil@nce: IPsec Tools, denials of service
May 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can generate several denials of service in IPsec Tools.
Severity: 2/4
Consequences: denial of service of service
Provenance: internet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 3
Creation date: 30/04/2009
IMPACTED PRODUCTS
– Unix - plateform
DESCRIPTION OF THE VULNERABILITY
The IPsec Tools suite implements tools for IPsec. It contains
several vulnerabilities.
The isakmp_frag_extract() function of the isakmp_frag.c file does
not check if the size indicated in a fragment is longer than the
fragment. [grav:2/4; CVE-2009-1574]
An attacker with a valid certificate can generate a memory leak in
the eay_check_x509sign() function of crypto_openssl.c. [grav:1/4]
An attacker can generate a memory leak in natt_keepalive_send()
and natt_keepalive_remove() functions of nattraversal.c. [grav:2/4]
An attacker can therefore generate several denials of service in
IPsec Tools.
CHARACTERISTICS
Identifiers: BID-34765, CVE-2009-1574, VIGILANCE-VUL-8684
http://vigilance.fr/vulnerability/IPsec-Tools-denials-of-service-8684