LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Debian: New ipsec-tools packages fix denial of service Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Debian Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 965-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
February 6th, 2006                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : ipsec-tools
Vulnerability  : null dereference
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2005-3732
BugTraq ID     : 15523
Debian Bug     : 340584

The Internet Key Exchange version 1 (IKEv1) implementation in racoon
from ipsec-tools, IPsec tools for Linux, try to dereference a NULL
pointer under certain conditions which allows a remote attacker to
cause a denial of service.

The old stable distribution (woody) does not contain ipsec-tools.

For the stable distribution (sarge) this problem has been fixed in
version 0.5.2-1sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 0.6.3-1.

We recommend that you upgrade your racoon package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1.dsc
      Size/MD5 checksum:      685 7172e2477ce0e0778eac29236595a0c0
    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1.diff.gz
      Size/MD5 checksum:    43453 8ec2e0ed865ca4185f84cc8d27cf3dba
    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2.orig.tar.gz
      Size/MD5 checksum:   887818 50dccd981710182c8cf86666783b0df2

  Alpha architecture:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1_alpha.deb
      Size/MD5 checksum:    91708 9de3f085231197a7de53a5b50307dc07
    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.5.2-1sarge1_alpha.deb
      Size/MD5 checksum:   358712 8283c9b4ce54d46caf0aecd01365d7e9

  AMD64 architecture:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1_amd64.deb
      Size/MD5 checksum:    81642 de97d7d0cf493d6fd8f710cdfcacf485
    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.5.2-1sarge1_amd64.deb
      Size/MD5 checksum:   304980 e3ce0db5d01427525969a4fa16c4b18c

  ARM architecture:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1_arm.deb
      Size/MD5 checksum:    82078 d96dd62daec9798c3928f4d9629c90af
    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.5.2-1sarge1_arm.deb
      Size/MD5 checksum:   293006 0584e9e94346fbc2b959461204f49a68

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1_i386.deb
      Size/MD5 checksum:    78114 7696967815385e56dce90c53db5bfead
    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.5.2-1sarge1_i386.deb
      Size/MD5 checksum:   291490 4c2cb51dd43c7d778b63227708b27e42

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1_ia64.deb
      Size/MD5 checksum:   103870 f85f08d8b87206013639945a64180315
    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.5.2-1sarge1_ia64.deb
      Size/MD5 checksum:   408352 78b6511d113e672f06f245a5e2b0fd91

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1_hppa.deb
      Size/MD5 checksum:    87206 e82d46a0e3387d8f9e7b5f648f30c985
    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.5.2-1sarge1_hppa.deb
      Size/MD5 checksum:   313098 e542429284c183d56906fd68f5120ef5

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1_m68k.deb
      Size/MD5 checksum:    75294 f787affc6a598da295ba47833ac11f96
    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.5.2-1sarge1_m68k.deb
      Size/MD5 checksum:   261904 3a667a087f2b1b0749df956953809787

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1_mips.deb
      Size/MD5 checksum:    81512 78b1984c4f7e1767e9e0a5f7973826da
    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.5.2-1sarge1_mips.deb
      Size/MD5 checksum:   311252 711e7eef2b62eb3f3c62c2731682014a

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1_mipsel.deb
      Size/MD5 checksum:    81722 4cb4cfefd80785ddd08ac56f6a29d8a2
    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.5.2-1sarge1_mipsel.deb
      Size/MD5 checksum:   314398 755b9cbcfa80716d3b67518995cecc57

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1_powerpc.deb
      Size/MD5 checksum:    84182 f93222817a08ee9b134b2227e9710c9c
    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.5.2-1sarge1_powerpc.deb
      Size/MD5 checksum:   299802 fa4286b36de4c4cdb344501bca93cec7

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1_s390.deb
      Size/MD5 checksum:    84358 4739bc0a2a512d911e77e905254ab7e9
    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.5.2-1sarge1_s390.deb
      Size/MD5 checksum:   299502 2e01eac11fe42c459efcbc3ecf949cc4

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.5.2-1sarge1_sparc.deb
      Size/MD5 checksum:    81038 f40757af48fd04929715dc486feff3fe
    http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.5.2-1sarge1_sparc.deb
      Size/MD5 checksum:   284678 67368918e5be7f007e8ce1c0d9f9f335


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Today's Security Hacks Are After More Than Bank Info
How Boston Children's Hospital Hit Back at Anonymous
SNMP DDoS Scans Spoof Google Public DNS Server
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.