exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2008-181

Mandriva Linux Security Advisory 2008-181
Posted Aug 29, 2008
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Two denial of service vulnerabilities were discovered in the ipsec-tools racoon daemon, which could allow a remote attacker to cause it to consume all available memory. The updated packages have been patched to prevent these issues.

tags | advisory, remote, denial of service, vulnerability
systems | linux, mandriva
advisories | CVE-2008-3651, CVE-2008-3652
SHA-256 | b4f033c3e31a18567428fc5e4fb2e5075e6cda5c26ecbc7bc4b1a23e35c731a6
Download | Favorite | View

Mandriva Linux Security Advisory 2008-181

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2008:181
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : ipsec-tools
 Date    : August 28, 2008
 Affected: 2007.1, 2008.0, 2008.1, Corporate 4.0,
           Multi Network Firewall 2.0
 _______________________________________________________________________

 Problem Description:

 Two denial of service vulnerabilities were discovered in the
 ipsec-tools racoon daemon, which could allow a remote attacker to cause
 it to consume all available memory (CVE-2008-3651, CVE-2008-3652).
 
 The updated packages have been patched to prevent these issues.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3651
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3652
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2007.1:
 e3a12410fab45488a49034076c096a12  2007.1/i586/ipsec-tools-0.6.6-2.2mdv2007.1.i586.rpm
 eeb78f3ca87a91c05c69f39c13119899  2007.1/i586/libipsec0-0.6.6-2.2mdv2007.1.i586.rpm
 e2014baecdcc1243e1711bb3bc4330bf  2007.1/i586/libipsec0-devel-0.6.6-2.2mdv2007.1.i586.rpm 
 255d8527872be4d72bbbac8be7866683  2007.1/SRPMS/ipsec-tools-0.6.6-2.2mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 cab88fba0361f7ad10d92fe4a0bcf5cf  2007.1/x86_64/ipsec-tools-0.6.6-2.2mdv2007.1.x86_64.rpm
 ce73d466b05959f8432546fcc2154bdd  2007.1/x86_64/lib64ipsec0-0.6.6-2.2mdv2007.1.x86_64.rpm
 7a29d409c432f251e58829479bb30c44  2007.1/x86_64/lib64ipsec0-devel-0.6.6-2.2mdv2007.1.x86_64.rpm 
 255d8527872be4d72bbbac8be7866683  2007.1/SRPMS/ipsec-tools-0.6.6-2.2mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 f969998276a204a0f102183746004665  2008.0/i586/ipsec-tools-0.6.7-1.1mdv2008.0.i586.rpm
 7c16efad4b9bce8cf1ba6f3457cc58f6  2008.0/i586/libipsec0-0.6.7-1.1mdv2008.0.i586.rpm
 23da7349d57158b08d2673d57d53fc50  2008.0/i586/libipsec0-devel-0.6.7-1.1mdv2008.0.i586.rpm 
 ef1478d445cbf1b5f80f776ec7d7752c  2008.0/SRPMS/ipsec-tools-0.6.7-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 cbeb6df9cbf7c62d235d6408ad25b1a9  2008.0/x86_64/ipsec-tools-0.6.7-1.1mdv2008.0.x86_64.rpm
 b04fcb7ccbd32e801d41c4d83a7a57d9  2008.0/x86_64/lib64ipsec0-0.6.7-1.1mdv2008.0.x86_64.rpm
 6f813c88f3990506069e459957bc43d7  2008.0/x86_64/lib64ipsec0-devel-0.6.7-1.1mdv2008.0.x86_64.rpm 
 ef1478d445cbf1b5f80f776ec7d7752c  2008.0/SRPMS/ipsec-tools-0.6.7-1.1mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 3be558f00238da24b450c34534914845  2008.1/i586/ipsec-tools-0.7-1.1mdv2008.1.i586.rpm
 582922de31e7c3549337c68ccd948a94  2008.1/i586/libipsec0-0.7-1.1mdv2008.1.i586.rpm
 55aa0129f04bfa0b3fd79eeb40e0e76f  2008.1/i586/libipsec-devel-0.7-1.1mdv2008.1.i586.rpm 
 36a949ae25bcdc895ba024450f910d9a  2008.1/SRPMS/ipsec-tools-0.7-1.1mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 ca6754c65ae12d91cc9eba32009ea6a9  2008.1/x86_64/ipsec-tools-0.7-1.1mdv2008.1.x86_64.rpm
 e74682fd89ee6649d41e03c5135faebe  2008.1/x86_64/lib64ipsec0-0.7-1.1mdv2008.1.x86_64.rpm
 55d777ad6fe96f53fa6ca436b5921580  2008.1/x86_64/lib64ipsec-devel-0.7-1.1mdv2008.1.x86_64.rpm 
 36a949ae25bcdc895ba024450f910d9a  2008.1/SRPMS/ipsec-tools-0.7-1.1mdv2008.1.src.rpm

 Corporate 4.0:
 c5146f5b46e8386687a1b37fe0dc29f9  corporate/4.0/i586/ipsec-tools-0.6.5-2.2.20060mlcs4.i586.rpm
 9c25c57f06839afbf55dd31547000721  corporate/4.0/i586/libipsec0-0.6.5-2.2.20060mlcs4.i586.rpm
 a565fab7f9c3ef0d48ced13bd9c84500  corporate/4.0/i586/libipsec0-devel-0.6.5-2.2.20060mlcs4.i586.rpm 
 87221b03544e9e9cb10491e8504813b0  corporate/4.0/SRPMS/ipsec-tools-0.6.5-2.2.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 a1ee7dd60a3ea3471b5de7a8ab875735  corporate/4.0/x86_64/ipsec-tools-0.6.5-2.2.20060mlcs4.x86_64.rpm
 93ac29406969dfbcccd77858c3edb553  corporate/4.0/x86_64/lib64ipsec0-0.6.5-2.2.20060mlcs4.x86_64.rpm
 268e50439113279ce14068f54d0895a8  corporate/4.0/x86_64/lib64ipsec0-devel-0.6.5-2.2.20060mlcs4.x86_64.rpm 
 87221b03544e9e9cb10491e8504813b0  corporate/4.0/SRPMS/ipsec-tools-0.6.5-2.2.20060mlcs4.src.rpm

 Multi Network Firewall 2.0:
 656584e7399fcf363ea0462e51df9baa  mnf/2.0/i586/ipsec-tools-0.2.5-0.6.M20mdk.i586.rpm
 c4ffd9b8ed40fd575eac7828af27ef63  mnf/2.0/i586/libipsec-tools0-0.2.5-0.6.M20mdk.i586.rpm 
 eb56a9bdcfbddbf8b4ff37fcb9bd9b45  mnf/2.0/SRPMS/ipsec-tools-0.2.5-0.6.M20mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIt1fpmqjQ0CJFipgRAnLxAKCwcBv4uUfBqHf3c3GFk93ZUU6iJACaAh1W
fljCV5e/DYk2CYPPH73/pD4=
=Akis
-----END PGP SIGNATURE-----

Login or Register to add favorites

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close