This script is Copyright (C) 2005-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing a security update.
An updated ipsec-tools package that fixes a bug in parsing of ISAKMP
headers is now available.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
The ipsec-tools package is used in conjunction with the IPsec
functionality in the linux kernel. The ipsec-tools package includes :
- setkey, a program to directly manipulate policies and
SAs - racoon, an IKEv1 keying daemon
A bug was found in the way the racoon daemon handled incoming ISAKMP
requests. It is possible that an attacker could crash the racoon
daemon by sending a specially crafted ISAKMP packet. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2005-0398 to this issue.
Additionally, the following issues have been fixed: - racoon
mishandled restarts in the presence of stale administration sockets. -
on Red Hat Enterprise Linux 4, racoon and setkey did not properly set
up forward policies, which prevented tunnels from working.
Users of ipsec-tools should upgrade to this updated package, which
contains backported patches, and is not vulnerable to these issues.
See also :
Update the affected ipsec-tools package.
Risk factor :
Medium / CVSS Base Score : 5.0
Family: Red Hat Local Security Checks
Nessus Plugin ID: 17622 ()
CVE ID: CVE-2005-0398
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.