Showing 1 - 4 of 4

Files from Thomas Walpuski

Email address	thomas-bugtraq at unproved.org
First Active	2003-11-04
Last Active	2004-06-10

isakmpdAgain.txt: Posted Jun 10, 2004; Authored by Thomas Walpuski; Unauthorized deletion of IPsec SAs is still possible using a delete payload piggybacked on an initiation of main mode with the latest version of isakmpd.; tags | advisory; SHA-256 | c5d443ed4065bde5c240457b08dcb81606ea790ee65250147c49eddf9744dc54; Download | Favorite | View

l2tpd.txt: Posted Jun 8, 2004; Authored by Thomas Walpuski; All versions of l2tpd contain a bss-based buffer overflow. After circumventing some minor obstacles, the overflow can be triggered by sending a specially crafted packet.; tags | advisory, overflow; SHA-256 | a067c526f020fd9fb9fb3138db7c81b08532d2a4d41587a7148996d43140fb10; Download | Favorite | View

racoon.txt: Posted Jan 14, 2004; Authored by Thomas Walpuski; racoon, KAME's IKE daemon, contains multiple flaws which allow for the unauthorized deletion of IPsec and ISAKMP SAs.; tags | advisory; SHA-256 | cbe0353e2d61b2cc2f27aba78a849a48ebb7737a512565da9ec47b3e188ecf13; Download | Favorite | View

isakmpd.txt: Posted Nov 4, 2003; Authored by Thomas Walpuski; isakmpd, OpenBSD's IKE daemon, contains severe flaws in payload handling that allow for the unauthorized deletion of IKE and IPsec SAs. It allows this due to a lack of encryption being applied in Quick Mode and a lack of validation for the origin of delete message payloads, among other issues.; tags | advisory; systems | openbsd; SHA-256 | 3988c2d5ef9fcbecf1cf09989991d959569afb820df8646367b19b0ca3c9b78e; Download | Favorite | View