Date: Mon, 4 May 2009 19:46:08 +0200
From: Tomas Hoger <thoger@...hat.com>
To: coley@...re.org
Cc: oss-security@...ts.openwall.com
Subject: Re: ipsec-tools 0.7.2

Hi Steve!

On Wed, 29 Apr 2009 16:56:58 +0200 Tomas Hoger <thoger@...hat.com>
wrote:

> http://sourceforge.net/project/shownotes.php?group_id=74601&release_id=677611
> http://sourceforge.net/mailarchive/forum.php?thread_name=20090422151825.GB46988%40zeninc.net&forum_name=ipsec-tools-announce
> 
> Upstream announcement mentions one security fix (DoS / NULL deref
> reported by Neil Kettle), fixed in:
> 
> http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c?f=h#rev1.4.6.1

Can you please assign a CVE to this?  This crash can happen during
phase1 of ISAKMP.  The problem occurs when all fragments received contain
no payload, only headers.  A few more details in:
  https://bugzilla.redhat.com/show_bug.cgi?id=497990

Thank you!

-- 
Tomas Hoger / Red Hat Security Response Team
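
An added example, not part of the original message and not ipsec-tools code: a simplified C reassembler showing the condition described above (every fragment carries a header but no payload) and a check that rejects it before any buffer is used. The `struct frag` layout, `FRAG_HDR_LEN` and the function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define FRAG_HDR_LEN 8u  /* assumed per-fragment header size */

struct frag {            /* hypothetical received fragment */
    const uint8_t *buf;  /* header followed by payload bytes */
    size_t len;          /* total bytes in buf */
};

/* A fragment is usable only if it carries at least one payload byte. */
int frag_is_valid(const struct frag *f)
{
    return f != NULL && f->buf != NULL && f->len > FRAG_HDR_LEN;
}

/* Reassemble n fragments into a new buffer. Returns NULL and *out_len == 0
 * when any fragment is header-only or truncated, so a caller can never
 * treat an empty reassembly as a valid message. */
uint8_t *frag_reassemble(const struct frag *frags, size_t n, size_t *out_len)
{
    size_t total = 0, off = 0, i;
    uint8_t *msg;

    *out_len = 0;
    if (frags == NULL || n == 0)
        return NULL;
    for (i = 0; i < n; i++) {
        if (!frag_is_valid(&frags[i]))
            return NULL;              /* header-only or truncated */
        total += frags[i].len - FRAG_HDR_LEN;
    }
    msg = malloc(total);              /* total >= 1 at this point */
    if (msg == NULL)
        return NULL;
    for (i = 0; i < n; i++) {
        size_t plen = frags[i].len - FRAG_HDR_LEN;
        memcpy(msg + off, frags[i].buf + FRAG_HDR_LEN, plen);
        off += plen;
    }
    *out_len = total;
    return msg;
}

int main(void)
{
    static const uint8_t h[FRAG_HDR_LEN] = {0};  /* constructed: header only */
    struct frag empty[2] = {{h, sizeof h}, {h, sizeof h}};
    size_t n;
    printf("header-only fragments rejected: %s\n",
           frag_reassemble(empty, 2, &n) == NULL ? "yes" : "no");
    return 0;
}
```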
