GLSA-200404-17 : ipsec-tools and iputils contain a remote DoS vulnerability

medium Nessus Plugin ID 14482
New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it is different from CVSS.

VPR Score: 3.6

Synopsis

The remote Gentoo host is missing one or more security-related patches.

Description

The remote host is affected by the vulnerability described in GLSA-200404-17 (ipsec-tools and iputils contain a remote DoS vulnerability)

When racoon receives an ISAKMP header, it allocates memory based on the length of the header field. Thus, an attacker may be able to cause a Denial of Services by creating a header that is large enough to consume all available system resources.
Impact :

This vulnerability may allow an attacker to remotely cause a Denial of Service.
Workaround :

A workaround is not currently known for this issue. All users are advised to upgrade to the latest version of the affected package.

Solution

ipsec-tools users should upgrade to version 0.2.5 or later:
# emerge sync # emerge -pv '>=net-firewall/ipsec-tools-0.3.1' # emerge '>=net-firewall/ipsec-tools-0.3.1' iputils users should upgrade to version 021109-r3 or later:
# emerge sync # emerge -pv '>=net-misc/iputils-021109-r3' # emerge '>=net-misc/iputils-021109-r3'

See Also

http://ipsec-tools.sourceforge.net/

https://security.gentoo.org/glsa/200404-17

Plugin Details

Severity: Medium

ID: 14482

File Name: gentoo_GLSA-200404-17.nasl

Version: 1.13

Type: local

Published: 8/30/2004

Updated: 1/6/2021

Dependencies: ssh_get_info.nasl

Risk Information

Risk Factor: Medium

VPR Score: 3.6

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:gentoo:linux:ipsec-tools, p-cpe:/a:gentoo:linux:iputils, cpe:/o:gentoo:linux

Required KB Items: Host/local_checks_enabled, Host/Gentoo/release, Host/Gentoo/qpkg-list, Host/Gentoo/arch

Patch Publication Date: 4/24/2004

Reference Information

CVE: CVE-2004-0403

GLSA: 200404-17