Vulnerability Details

IPsec-Tools Multiple Remote Denial-of-Service Vulnerabilities

  • CNNVD ID: CNNVD-200905-193
  • Severity: Medium
  • CVE ID: CVE-2009-1632
  • Vulnerability type: Resource management error
  • Published: 2009-05-14
  • Threat type: Remote
  • Updated: 2009-06-16
  • Vendor: ipsec-tools
  • Vulnerability source: Neil Kettle, steph...

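Vulnerability Summary

IPsec-Tools is a port of KAME's IPsec utilities to the IPsec implementation in the Linux 2.6 kernel. It also supports NetBSD and FreeBSD.

Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c.

Vulnerability Advisory

The vendor has released upgrade patches that fix this security issue. Patch download links: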

Ubuntu Ubuntu Linux 8.04 LTS powerpc

Ubuntu ipsec-tools_0.6.7-1.1ubuntu1.2_powerpc.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_powerpc.deb

Ubuntu racoon_0.6.7-1.1ubuntu1.2_powerpc.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_powerpc.deb

Ubuntu Ubuntu Linux 8.10 powerpc

Ubuntu ipsec-tools_0.7-2.1ubuntu1.8.10.1_powerpc.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1_powerpc.deb

Ubuntu racoon_0.7-2.1ubuntu1.8.10.1_powerpc.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.8.10.1_powerpc.deb

Ubuntu Ubuntu Linux 8.04 LTS sparc

Ubuntu ipsec-tools_0.6.7-1.1ubuntu1.2_sparc.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_sparc.deb

Ubuntu racoon_0.6.7-1.1ubuntu1.2_sparc.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_sparc.deb

Ubuntu Ubuntu Linux 6.06 LTS sparc

Ubuntu ipsec-tools_0.6.5-4ubuntu1.3_sparc.deb

http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3_sparc.deb

Ubuntu racoon_0.6.5-4ubuntu1.3_sparc.deb

http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.5-4ubuntu1.3_sparc.deb

Ubuntu Ubuntu Linux 8.04 LTS amd64

Ubuntu ipsec-tools_0.6.7-1.1ubuntu1.2_amd64.deb

http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_amd64.deb

Ubuntu racoon_0.6.7-1.1ubuntu1.2_amd64.deb

http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_amd64.deb

Ubuntu Ubuntu Linux 9.04 sparc

Ubuntu ipsec-tools_0.7-2.1ubuntu1.9.04.1_sparc.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_sparc.deb

Ubuntu racoon_0.7-2.1ubuntu1.9.04.1_sparc.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_sparc.deb

Ubuntu Ubuntu Linux 9.04 powerpc

Ubuntu ipsec-tools_0.7-2.1ubuntu1.9.04.1_powerpc.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_powerpc.deb

Ubuntu racoon_0.7-2.1ubuntu1.9.04.1_powerpc.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_powerpc.deb

Ubuntu Ubuntu Linux 9.04 i386

Ubuntu ipsec-tools_0.7-2.1ubuntu1.9.04.1_i386.deb

http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_i386.deb

Ubuntu racoon_0.7-2.1ubuntu1.9.04.1_i386.deb

http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_i386.deb

Ubuntu Ubuntu Linux 8.10 sparc

Ubuntu ipsec-tools_0.7-2.1ubuntu1.8.10.1_sparc.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1_sparc.deb

Ubuntu racoon_0.7-2.1ubuntu1.8.10.1_sparc.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.8.10.1_sparc.deb

Ubuntu Ubuntu Linux 9.04 lpia

Ubuntu ipsec-tools_0.7-2.1ubuntu1.9.04.1_lpia.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_lpia.deb

Ubuntu racoon_0.7-2.1ubuntu1.9.04.1_lpia.deb

http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_lpia.deb

MandrakeSoft Linux Mandrake 2009.0 x86_64

Mandriva flex-2.5.35-2.1mdv2009.0.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva ipsec-tools-0.7.2-0.1mdv2009.0.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva lib64ipsec-devel-0.7.2-0.1mdv2009.0.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva lib64ipsec0-0.7.2-0.1mdv2009.0.x86_64.rpm

http://www.mandriva.com/en/download/

Ubuntu Ubuntu Linux 9.04 amd64

Ubuntu ipsec-tools_0.7-2.1ubuntu1.9.04.1_amd64.deb

http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_amd64.deb

Ubuntu racoon_0.7-2.1ubuntu1.9.04.1_amd64.deb

http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_amd64.deb

Ubuntu Ubuntu Linux 8.10 amd64

Ubuntu ipsec-tool

References

Source: MLIST

Name: [ipsec-tools-announce] 20090422 Ipsec-tools 0.7.2 released

Link: http://sourceforge.net/mailarchive/forum.php?thread_name=20090422151825.GB46988%40zeninc.net&forum_name=ipsec-tools-announce

Source: trac.ipsec-tools.net

Link: https://trac.ipsec-tools.net/ticket/303

Source: VUPEN

Name: ADV-2009-3184

Link: http://www.vupen.com/english/advisories/2009/3184

Source: UBUNTU

Name: USN-785-1

Link: http://www.ubuntu.com/usn/USN-785-1

Source: BID

Name: 34765

Link: http://www.securityfocus.com/bid/34765

Source: REDHAT

Name: RHSA-2009:1036

Link: http://www.redhat.com/support/errata/RHSA-2009-1036.html

Source: MLIST

Name: [oss-security] 20090512 Re: ipsec-tools 0.7.2

Link: http://www.openwall.com/lists/oss-security/2009/05/12/3

Source: MANDRIVA

Name: MDVSA-2009:114

Link: http://www.mandriva.com/security/advisories?name=MDVSA-2009:114

Source: DEBIAN

Name: DSA-1804

Link: http://www.debian.org/security/2009/dsa-1804

Source: support.apple.com

Link: http://support.apple.com/kb/HT3937

Source: sourceforge.net

Link: http://sourceforge.net/project/shownotes.php?group_id=74601&release_id=677611

Source: GENTOO

Name: GLSA-200905-03

Link: http://security.gentoo.org/glsa/glsa-200905-03.xml

Source: SECUNIA

Name: 35685

Link: http://secunia.com/advisories/35685

Source: SECUNIA

Name: 35404

Link: http://secunia.com/advisories/35404

Source: SECUNIA

Name: 35212

Link: http://secunia.com/advisories/35212

Source: SECUNIA

Name: 35159

Link: http://secunia.com/advisories/35159

Source: SECUNIA

Name: 35153

Link: http://secunia.com/advisories/35153

Source: MLIST

Name: [oss-security] 20090429 ipsec-tools 0.7.2

Link: http://marc.info/?l=oss-security&m=124101704828036&w=2

Source: SUSE

Name: SUSE-SR:2009:012

Link: http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

Source: APPLE

Name: APPLE-SA-2009-11-09-1

Link: http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

Source: cvsweb.netbsd.org

Link: http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c.diff?r1=1.6&r2=1.6.6.1&f=h

Source: cvsweb.netbsd.org

Link: http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c

Source: cvsweb.netbsd.org

Link: http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c.diff?r1=1.11.6.4&r2=1.11.6.5&f=h

Source: cvsweb.netbsd.org

Link: http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c

Patch

    None available
