OracleVM 2.1 : ipsec-tools (OVMSA-2009-0010)
Severity: High
Nessus Plugin ID: 79457
Synopsis: The remote OracleVM host is missing a security update.
Description: The remote OracleVM system is missing necessary patches to address critical security updates:
CVE-2009-1574 racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference.
CVE-2009-1632 Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c.
CVE-2008-3651 Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals.
CVE-2008-3652 src/racoon/handler.c in racoon in ipsec-tools does not remove an 'orphaned ph1' (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
- fix nul dereference in frag code and some memory leaks (#497990)
- also do not destroy ports in ph2 (#231604)
- improved fix for cleanup of IPSEC SAs in SADB (#231604)
- fix cleanup of IPSEC SAs in SADB (#231604)
- fix segfault in timer (#378551)
- handle new interfaces immediately (#247301)
- eliminate debug logging overhead when log level is lower (#248567)
- use the adminsock_path as specified on the command line (#247294)
- link only necessary libraries (#458631)
- make racoon PIE executable (#210023)
- fix for DoS through various memory leaks (CVE-2008-3651 #456660, CVE-2008-3652 #458846)
- use the current kernel headers instead of the private copy (#446979)
- Resolves: rhbz#435803 - update pfkeyv2.h with new #defines
Solution: Update the affected ipsec-tools package.