Ubuntu Security Notice 3482-1 - It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly handled certain ISAKMP fragments. A remote attacker could use this issue to cause racoon to crash, resulting in a denial of service.
0032e096722d8785f5d0dee9824dd9f5eeb2514161d52014e052642ceff906de
===========================================================================
Ubuntu Security Notice USN-3482-1
November 16, 2017
ipsec-tools vulnerability
===========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
ipsec-tools could be made to crash if it received specially crafted
network traffic.
Software Description:
- ipsec-tools: IPsec tools for Linux
Details:
It was discovered that racoon, the ipsec-tools IKE daemon, incorrectly
handled certain ISAKMP fragments. A remote attacker could use this
issue to cause racoon to crash, resulting in a denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 ESM:
ipsec-tools=C2=A01:0.8.0-9ubuntu1.2
racoon=C2=A01:0.8.0-9ubuntu1.2
In general, a standard system update will make all the necessary
changes.
References:
https://www.ubuntu.com/usn/usn-3482-1
CVE-2016-10396