Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Debian: New ipsec-tools packages fix denial of service Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Debian Updated package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 965-1                                        Martin Schulze
February 6th, 2006            
- --------------------------------------------------------------------------

Package        : ipsec-tools
Vulnerability  : null dereference
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2005-3732
BugTraq ID     : 15523
Debian Bug     : 340584

The Internet Key Exchange version 1 (IKEv1) implementation in racoon
from ipsec-tools, IPsec tools for Linux, try to dereference a NULL
pointer under certain conditions which allows a remote attacker to
cause a denial of service.

The old stable distribution (woody) does not contain ipsec-tools.

For the stable distribution (sarge) this problem has been fixed in
version 0.5.2-1sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 0.6.3-1.

We recommend that you upgrade your racoon package.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:
      Size/MD5 checksum:      685 7172e2477ce0e0778eac29236595a0c0
      Size/MD5 checksum:    43453 8ec2e0ed865ca4185f84cc8d27cf3dba
      Size/MD5 checksum:   887818 50dccd981710182c8cf86666783b0df2

  Alpha architecture:
      Size/MD5 checksum:    91708 9de3f085231197a7de53a5b50307dc07
      Size/MD5 checksum:   358712 8283c9b4ce54d46caf0aecd01365d7e9

  AMD64 architecture:
      Size/MD5 checksum:    81642 de97d7d0cf493d6fd8f710cdfcacf485
      Size/MD5 checksum:   304980 e3ce0db5d01427525969a4fa16c4b18c

  ARM architecture:
      Size/MD5 checksum:    82078 d96dd62daec9798c3928f4d9629c90af
      Size/MD5 checksum:   293006 0584e9e94346fbc2b959461204f49a68

  Intel IA-32 architecture:
      Size/MD5 checksum:    78114 7696967815385e56dce90c53db5bfead
      Size/MD5 checksum:   291490 4c2cb51dd43c7d778b63227708b27e42

  Intel IA-64 architecture:
      Size/MD5 checksum:   103870 f85f08d8b87206013639945a64180315
      Size/MD5 checksum:   408352 78b6511d113e672f06f245a5e2b0fd91

  HP Precision architecture:
      Size/MD5 checksum:    87206 e82d46a0e3387d8f9e7b5f648f30c985
      Size/MD5 checksum:   313098 e542429284c183d56906fd68f5120ef5

  Motorola 680x0 architecture:
      Size/MD5 checksum:    75294 f787affc6a598da295ba47833ac11f96
      Size/MD5 checksum:   261904 3a667a087f2b1b0749df956953809787

  Big endian MIPS architecture:
      Size/MD5 checksum:    81512 78b1984c4f7e1767e9e0a5f7973826da
      Size/MD5 checksum:   311252 711e7eef2b62eb3f3c62c2731682014a

  Little endian MIPS architecture:
      Size/MD5 checksum:    81722 4cb4cfefd80785ddd08ac56f6a29d8a2
      Size/MD5 checksum:   314398 755b9cbcfa80716d3b67518995cecc57

  PowerPC architecture:
      Size/MD5 checksum:    84182 f93222817a08ee9b134b2227e9710c9c
      Size/MD5 checksum:   299802 fa4286b36de4c4cdb344501bca93cec7

  IBM S/390 architecture:
      Size/MD5 checksum:    84358 4739bc0a2a512d911e77e905254ab7e9
      Size/MD5 checksum:   299502 2e01eac11fe42c459efcbc3ecf949cc4

  Sun Sparc architecture:
      Size/MD5 checksum:    81038 f40757af48fd04929715dc486feff3fe
      Size/MD5 checksum:   284678 67368918e5be7f007e8ce1c0d9f9f335

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Feds Charged With Stealing Money During Silk Road Investigation
EFF questions US government's software flaw disclosure policy
Hotel Router Vulnerability A Reminder Of Untrusted WiFi Risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.