This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote Gentoo host is missing one or more security-related
The remote host is affected by the vulnerability described in GLSA-200905-03
(IPSec Tools: Denial of Service)
The following vulnerabilities have been found in the racoon daemon as
shipped with IPSec Tools:
Neil Kettle reported that
racoon/isakmp_frag.c is prone to a NULL pointer dereference
Multiple memory leaks exist in (1) the
eay_check_x509sign() function in racoon/crypto_openssl.c and (2)
A remote attacker could send specially crafted fragmented ISAKMP
packets without a payload or exploit vectors related to X.509
certificate authentication and NAT traversal, possibly resulting in a
crash of the racoon daemon.
There is no known workaround at this time.
See also :
All IPSec Tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-firewall/ipsec-tools-0.7.2'
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : false
Family: Gentoo Local Security Checks
Nessus Plugin ID: 38884 (gentoo_GLSA-200905-03.nasl)
CVE ID: CVE-2009-1574, CVE-2009-1632