Debian DSA-201-1 : freeswan - denial of service

medium Nessus Plugin ID 15038

Synopsis

The remote Debian host is missing a security-related update.

Description

Bindview discovered a problem in several IPSEC implementations that do not properly handle certain very short packets. IPSEC is a set of security extensions to IP which provide authentication and encryption. FreeS/WAN in Debian is affected by this, and the problem is said to cause a kernel panic.

Solution

Upgrade the freeswan package.

This problem has been fixed in version 1.96-1.4 for the current stable distribution (woody) and in version 1.99-1 for the unstable distribution (sid). The old stable distribution (potato) does not contain FreeS/WAN packages.

See Also

http://razor.bindview.com/publish/advisories/adv_ipsec.html

http://www.debian.org/security/2002/dsa-201

Plugin Details

Severity: Medium

ID: 15038

File Name: debian_DSA-201.nasl

Version: 1.19

Type: local

Agent: unix

Published: 9/29/2004

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.5

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:freeswan, cpe:/o:debian:debian_linux:3.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 12/2/2002

Reference Information

CVE: CVE-2002-0666

CERT: 459371

DSA: 201