OracleVM 2.1 : ipsec-tools (OVMSA-2009-0010)

High Nessus Plugin ID 79457


The remote OracleVM host is missing a security update.


The remote OracleVM system is missing necessary patches to address critical security updates:

CVE-2009-1574 racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference.

CVE-2009-1632 Multiple memory leaks in ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c.

CVE-2008-3651 Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals.

CVE-2008-3652 src/racoon/handler.c in racoon in ipsec-tools does not remove an 'orphaned ph1' (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).

- fix nul dereference in frag code and some memory leaks (#497990)

- also do not destroy ports in ph2 (#231604)

- improved fix for cleanup of IPSEC SAs in SADB (#231604)

- fix cleanup of IPSEC SAs in SADB (#231604)

- fix segfault in timer (#378551)

- handle new interfaces immediately (#247301)

- eliminate debug logging overhead when log level is lower (#248567)

- use the adminsock_path as specified on the command line (#247294)

- link only necessary libraries (#458631)

- make racoon PIE executable (#210023)

- fix for DoS through various memory leaks (CVE-2008-3651 #456660, CVE-2008-3652 #458846)

- use the current kernel headers instead of the private copy (#446979)

- Resolves: rhbz#435803 - update pfkeyv2.h with new #defines


Update the affected ipsec-tools package.

Plugin Details

Severity: High

ID: 79457

File Name: oraclevm_OVMSA-2009-0010.nasl

Version: 1.11

Type: local

Published: 2014/11/26

Updated: 2019/10/25

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.8

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:ipsec-tools, cpe:/o:oracle:vm_server:2.1

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/05/27

Vulnerability Publication Date: 2008/08/12

Reference Information

CVE: CVE-2008-3651, CVE-2008-3652, CVE-2009-1574, CVE-2009-1632

BID: 30657, 34765

CWE: 200, 399