OpenBSD: isakmpd SA deletion vulnerability
Posted by LinuxSecurity.com Team   
OpenBSD Several message handling flaws in isakmpd(8) have been reported by Thomas Walpuski.

Several message handling flaws in isakmpd(8) have been reported by Thomas       
Walpuski. These allow an attacker to delete arbitrary SAs.  Fixes have been     
commited to 3.3 and 3.4 -stable branches.  Patches are also available at        
                                                                                 
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/009_isakmpd.patch          
and                                                                              
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/014_isakmpd.patch          
                                                                                
The patch for 3.4 includes also a reliability fix for a filedescriptor leak     
that causes problems when a crypto card is installed.  This problem does not    
exist in 3.3.