Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.63280
Kategorie:FreeBSD Local Security Checks
Titel:FreeBSD Ports: ipsec-tools
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing an update to the system
as announced in the referenced advisory.

The following package is affected: ipsec-tools

CVE-2008-3651
Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools
before 0.7.1 allows remote authenticated users to cause a denial of
service (memory consumption) via invalid proposals.

CVE-2008-3652
src/racoon/handler.c in racoon in ipsec-tools does not remove an
'orphaned ph1' (phase 1) handle when it has been initiated remotely,
which allows remote attackers to cause a denial of service (resource
consumption).

Solution:
Update your system with the appropriate patches or
software upgrades.

http://marc.info/?l=ipsec-tools-devel&m=121688914101709&w=2
http://www.vuxml.org/freebsd/abcacb5a-e7f1-11dd-afcd-00e0815b8da8.html

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Querverweis: BugTraq ID: 30657
Common Vulnerability Exposure (CVE) ID: CVE-2008-3651
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html
http://www.securityfocus.com/bid/30657
Cert/CC Advisory: TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
http://security.gentoo.org/glsa/glsa-200812-03.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2008:181
http://sourceforge.net/mailarchive/message.php?msg_name=20080724084529.GA3768%40zen.inc
http://marc.info/?l=ipsec-tools-devel&m=121688914101709&w=2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10453
http://www.redhat.com/support/errata/RHSA-2008-0849.html
http://www.securitytracker.com/id?1020667
http://secunia.com/advisories/31450
http://secunia.com/advisories/31624
http://secunia.com/advisories/32759
http://secunia.com/advisories/32971
http://secunia.com/advisories/35074
SuSE Security Announcement: SUSE-SR:2008:025 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
SuSE Security Announcement: SUSE-SR:2009:004 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
http://www.ubuntu.com/usn/usn-641-1
http://www.vupen.com/english/advisories/2008/2345
http://www.vupen.com/english/advisories/2008/2844
http://www.vupen.com/english/advisories/2009/1297
http://www.vupen.com/english/advisories/2009/1621
XForce ISS Database: ipsectools-racoon-dos(44395)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44395
Common Vulnerability Exposure (CVE) ID: CVE-2008-3652
http://sourceforge.net/mailarchive/forum.php?thread_name=48a0c7a0.qPeWZAE0PY8bDDq%2B%25olel%40ans.pl&forum_name=ipsec-tools-devel
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10448
http://www.securitytracker.com/id?1020692
http://secunia.com/advisories/31478
http://www.vupen.com/english/advisories/2008/2378
XForce ISS Database: ipsectools-orphanedph1-dos(44424)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44424
CopyrightCopyright (c) 2009 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.