FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2008-3651

This CVE name corresponds to:

Entered Topic
2009-01-21 ipset-tools -- Denial of Service Vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2008-3651 at cve.mitre.org

Details

Type Candidate
Name CVE-2008-3651
Phase Assigned(20080812)

Description

Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals.

References

Source Reference
MLIST [ipsec-tools-devel] 20080724 Ipsec-tools 0.7.1 released
MLIST [ipsec-tools-announce] 20080724 Ipsec-tools 0.7.1 released
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=456660
CONFIRM http://sourceforge.net/project/shownotes.php?release_id=615380&group_id=74601
CONFIRM http://support.apple.com/kb/HT3549
CONFIRM http://support.apple.com/kb/HT3639
APPLE APPLE-SA-2009-05-12
APPLE APPLE-SA-2009-06-17-1
GENTOO GLSA-200812-03
MANDRIVA MDVSA-2008:181
REDHAT RHSA-2008:0849
SUSE SUSE-SR:2008:025
SUSE SUSE-SR:2009:004
UBUNTU USN-641-1
CERT TA09-133A
BID 30657
OVAL oval:org.mitre.oval:def:10453
SECUNIA 35074
VUPEN ADV-2008-2345
VUPEN ADV-2008-2844
SECTRACK 1020667
SECUNIA 31450
SECUNIA 31624
SECUNIA 32759
SECUNIA 32971
VUPEN ADV-2009-1297
VUPEN ADV-2009-1621
XF ipsectools-racoon-dos(44395)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.