KAME Racoon Malformed ISAKMP Packet Denial of Service Vulnerability
BID:10172
Info
KAME Racoon Malformed ISAKMP Packet Denial of Service Vulnerability
| Bugtraq ID: | 10172 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2004-0403 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 19 2004 12:00AM |
| Updated: | Jul 12 2009 04:06AM |
| Credit: | This issue was disclosed by the vendor. |
| Vulnerable: |
SGI ProPack 3.0 SCO Unixware 7.1.4 KAME Racoon Apple Mac OS X Server 10.3.3 Apple Mac OS X Server 10.2.8 Apple Mac OS X 10.3.3 Apple Mac OS X 10.2.8 |
| Not Vulnerable: | |
Discussion
KAME Racoon Malformed ISAKMP Packet Denial of Service Vulnerability
It has been reported that racoon is prone to a denial of service vulnerability when handling malformed ISAKMP packets. This issue may allow a remote attacker to cause the application to exhaust memory resources leading to a crash or hang.
It has been reported that racoon is prone to a denial of service vulnerability when handling malformed ISAKMP packets. This issue may allow a remote attacker to cause the application to exhaust memory resources leading to a crash or hang.
Exploit / POC
KAME Racoon Malformed ISAKMP Packet Denial of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
KAME Racoon Malformed ISAKMP Packet Denial of Service Vulnerability
Solution:
The vendor has supplied a patch to address this issue:
http://www.securityfocus.com/data/vulnerabilities/patches/racoon_patch
SGI has released an advisory (20040506-01-U) with Patch 10075 for SGI
ProPack 3 to address this and other issues. Please see the referenced
advisory for more information.
Gentoo has released an advisory GLSA 200404-17 to address this issue. Please see the referenced advisory for more information. Gentoo has advised that users may carry out the following commands to apply fixes:
ipsec-tools users should upgrade to version 0.2.5 or later:
emerge sync
emerge -pv ">=net-firewall/ipsec-tools-0.3.1"
emerge ">=net-firewall/ipsec-tools-0.3.1"
iputils users should upgrade to version 021109-r3 or later:
emerge sync
emerge -pv ">=net-misc/iputils-021109-r3"
emerge ">=net-misc/iputils-021109-r3"
Apple has released security advisory APPLE-SA-2004-05-03 dealing with this and other issues. Please see the referenced advisory for more information.
Red Hat has released advisory RHSA-2004:165-09 dealing with this and other issues for their enterprise linux distribution. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.
RedHat has released an advisory FEDORA-2004-132 to address this issue in Fedora Core 2. Please see the referenced advisory for more information.
Mandrake Linux has released advisory MDKSA-2004:069 along with fixes dealing with this issue. Please see the referenced advisory for more information.
SCO has released advisory SCOSA-2005.10 to address various issues in Racoon affecting UnixWare 7.1.4. Please see the referenced advisory for more information.
Apple Mac OS X 10.2.8
Apple Mac OS X Server 10.2.8
Apple Mac OS X Server 10.3.3
Apple Mac OS X 10.3.3
SGI ProPack 3.0
SCO Unixware 7.1.4
Solution:
The vendor has supplied a patch to address this issue:
http://www.securityfocus.com/data/vulnerabilities/patches/racoon_patch
SGI has released an advisory (20040506-01-U) with Patch 10075 for SGI
ProPack 3 to address this and other issues. Please see the referenced
advisory for more information.
Gentoo has released an advisory GLSA 200404-17 to address this issue. Please see the referenced advisory for more information. Gentoo has advised that users may carry out the following commands to apply fixes:
ipsec-tools users should upgrade to version 0.2.5 or later:
emerge sync
emerge -pv ">=net-firewall/ipsec-tools-0.3.1"
emerge ">=net-firewall/ipsec-tools-0.3.1"
iputils users should upgrade to version 021109-r3 or later:
emerge sync
emerge -pv ">=net-misc/iputils-021109-r3"
emerge ">=net-misc/iputils-021109-r3"
Apple has released security advisory APPLE-SA-2004-05-03 dealing with this and other issues. Please see the referenced advisory for more information.
Red Hat has released advisory RHSA-2004:165-09 dealing with this and other issues for their enterprise linux distribution. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.
RedHat has released an advisory FEDORA-2004-132 to address this issue in Fedora Core 2. Please see the referenced advisory for more information.
Mandrake Linux has released advisory MDKSA-2004:069 along with fixes dealing with this issue. Please see the referenced advisory for more information.
SCO has released advisory SCOSA-2005.10 to address various issues in Racoon affecting UnixWare 7.1.4. Please see the referenced advisory for more information.
Apple Mac OS X 10.2.8
-
Apple SecUpd2004-05-03Jag.dmg
http://download.info.apple.com/Mac_OS_X/061-1217.20040503.BmkY5/2Z/Sec Upd2004-05-03Jag.dmg -
Apple SecUpd2004-05-03Pan.dmg
http://download.info.apple.com/Mac_OS_X/061-1213.20040503.vngr3/2Z/Sec Upd2004-05-03Pan.dmg -
Apple SecUpdSrvr2004-05-03Jag.dmg
http://download.info.apple.com/Mac_OS_X/061-1219.20040503.Zsw3S/2Z/Sec UpdSrvr2004-05-03Jag.dmg -
Apple SecUpdSrvr2004-05-03Pan.dmg
http://download.info.apple.com/Mac_OS_X/061-1215.20040503.mPp9k/2Z/Sec UpdSrvr2004-05-03Pan.dmg
Apple Mac OS X Server 10.2.8
-
Apple SecUpd2004-05-03Jag.dmg
http://download.info.apple.com/Mac_OS_X/061-1217.20040503.BmkY5/2Z/Sec Upd2004-05-03Jag.dmg -
Apple SecUpd2004-05-03Pan.dmg
http://download.info.apple.com/Mac_OS_X/061-1213.20040503.vngr3/2Z/Sec Upd2004-05-03Pan.dmg -
Apple SecUpdSrvr2004-05-03Jag.dmg
http://download.info.apple.com/Mac_OS_X/061-1219.20040503.Zsw3S/2Z/Sec UpdSrvr2004-05-03Jag.dmg -
Apple SecUpdSrvr2004-05-03Pan.dmg
http://download.info.apple.com/Mac_OS_X/061-1215.20040503.mPp9k/2Z/Sec UpdSrvr2004-05-03Pan.dmg
Apple Mac OS X Server 10.3.3
-
Apple SecUpd2004-05-03Jag.dmg
http://download.info.apple.com/Mac_OS_X/061-1217.20040503.BmkY5/2Z/Sec Upd2004-05-03Jag.dmg -
Apple SecUpd2004-05-03Pan.dmg
http://download.info.apple.com/Mac_OS_X/061-1213.20040503.vngr3/2Z/Sec Upd2004-05-03Pan.dmg -
Apple SecUpdSrvr2004-05-03Jag.dmg
http://download.info.apple.com/Mac_OS_X/061-1219.20040503.Zsw3S/2Z/Sec UpdSrvr2004-05-03Jag.dmg -
Apple SecUpdSrvr2004-05-03Pan.dmg
http://download.info.apple.com/Mac_OS_X/061-1215.20040503.mPp9k/2Z/Sec UpdSrvr2004-05-03Pan.dmg
Apple Mac OS X 10.3.3
-
Apple SecUpd2004-05-03Jag.dmg
http://download.info.apple.com/Mac_OS_X/061-1217.20040503.BmkY5/2Z/Sec Upd2004-05-03Jag.dmg -
Apple SecUpd2004-05-03Pan.dmg
http://download.info.apple.com/Mac_OS_X/061-1213.20040503.vngr3/2Z/Sec Upd2004-05-03Pan.dmg -
Apple SecUpdSrvr2004-05-03Jag.dmg
http://download.info.apple.com/Mac_OS_X/061-1219.20040503.Zsw3S/2Z/Sec UpdSrvr2004-05-03Jag.dmg -
Apple SecUpdSrvr2004-05-03Pan.dmg
http://download.info.apple.com/Mac_OS_X/061-1215.20040503.mPp9k/2Z/Sec UpdSrvr2004-05-03Pan.dmg
SGI ProPack 3.0
-
SGI patch10075.tar.gz
ftp://patches.sgi.com/support/free/security/patches/ProPack/3/
SCO Unixware 7.1.4
-
SCO erg712650.pkg.Z
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.10/erg712650.pkg.Z
References
KAME Racoon Malformed ISAKMP Packet Denial of Service Vulnerability
References:
References:
- RHSA-2004:165-09 - Updated ipsec-tools package fixes vulnerabilities in ISAKMP (RedHat)
- Vendor Homepage (KAME Project)