[Openswan dev] [USN-107-1] racoon vulnerability (fwd)

Paul Wouters paul at xelerance.com
Tue Apr 5 22:52:15 CEST 2005



-- 

As time passes hardware approaches the effectiveness of a rock and
the reliability of a crack addict.
                                      --- Naubert's law


---------- Forwarded message ----------
Date: Tue, 5 Apr 2005 17:59:53 +0200
From: Martin Pitt <martin.pitt at canonical.com>
Cc: full-disclosure at lists.grok.org.uk, bugtraq at securityfocus.com
To: ubuntu-security-announce at lists.ubuntu.com
Subject: [USN-107-1] racoon vulnerability

===========================================================
Ubuntu Security Notice USN-107-1	     April 05, 2005
ipsec-tools vulnerability
CAN-2005-0398
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

racoon

The problem can be corrected by upgrading the affected package to
version 0.3.3-1ubuntu0.1.  In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Sebastian Krahmer discovered a Denial of Service vulnerability in the
racoon daemon. By sending specially crafted ISAKMP packets, a remote
attacker could trigger a buffer overflow which caused racoon to crash.

This update does not introduce any source code changes affecting the
ipsec-tools package.  It is necessary to update the version number of
the package in order to support an update to the "racoon" package.
Please note that racoon is not officially supported by Ubuntu (it is
in the "universe" component of the archive).

   Source archives:

     http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1.diff.gz
       Size/MD5:   191538 4cde6e53403236be32d6640b0c3e0482
     http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1.dsc
       Size/MD5:      705 022ba833374033ad5089ff1250dd0360
     http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3.orig.tar.gz
       Size/MD5:   864122 b141da8ae299c8fdc53e536f6bbc3ad0

   amd64 architecture (Athlon64, Opteron, EM64T Xeon)

     http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1_amd64.deb
       Size/MD5:   106112 96d79a33ea9fca8a4e62b9be790ecc91
     http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.1_amd64.deb
       Size/MD5:   201304 800c93f6ea50b99b635364b8acb98d7b

   i386 architecture (x86 compatible Intel/AMD)

     http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1_i386.deb
       Size/MD5:   101104 f36df353beb372625da1aaefd7f641e5
     http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.1_i386.deb
       Size/MD5:   186172 d0213fee3f32816c0e83c227064891fc

   powerpc architecture (Apple Macintosh G3/G4/G5)

     http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1_powerpc.deb
       Size/MD5:   108824 cc6193f450715b21e4c16b8bea002399
     http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.1_powerpc.deb
       Size/MD5:   195936 4ab4dd044d8f31d17d8022bcd8539370


More information about the Dev mailing list