[Openswan dev] [1.0.9][PATCH] IKE info leakage
ken at xelerance.com
Wed Aug 3 18:05:14 CEST 2005
I'm going to release 1.0.10 final this week.
On Thu, 14 Jul 2005, Vinay K Nallamothu wrote:
> Pluto responds to malformed payloads without verifying whether the
> initiator matches any of the security policies. This may be used for
> probing the IKE/IPsec implementation. The patch below fixes this.
> Arun Kumar at GSEC1 has discovered the problem.
> The patch also rate limits PAYLOAD_MALFORMED notifications (adopted from
> ipsec_doi.c | 31 ++++++++++++++++++++++++++++++-
> 1 files changed, 30 insertions(+), 1 deletion(-)
More information about the Dev