Vulnerability CVE-2008-3651


Published: 2008-08-12   Modified: 2012-02-12

Description:
Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals.

Type:

CWE-200

(Information Exposure)

Vendor: Linux
Product: Ipsec tools racoon daemon 
Version:
0.7
0.6.7
0.6.6
0.6.5
0.6.4
0.6
0.5.2
0.5.1
0.5
0.3.3
0.2.5
0.2.2

CVSS2 => (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4/10
2.9/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
https://bugzilla.redhat.com/show_bug.cgi?id=456660
http://xforce.iss.net/xforce/xfdb/44395
http://www.vupen.com/english/advisories/2009/1621
http://www.vupen.com/english/advisories/2009/1297
http://www.vupen.com/english/advisories/2008/2844
http://www.vupen.com/english/advisories/2008/2345
http://www.ubuntu.com/usn/usn-641-1
http://www.securitytracker.com/id?1020667
http://www.securityfocus.com/bid/30657
http://www.redhat.com/support/errata/RHSA-2008-0849.html
http://www.mandriva.com/security/advisories?name=MDVSA-2008:181
http://support.apple.com/kb/HT3639
http://support.apple.com/kb/HT3549
http://sourceforge.net/project/shownotes.php?release_id=615380&group_id=74601
http://sourceforge.net/mailarchive/message.php?msg_name=20080724084529.GA3768%40zen.inc
http://security.gentoo.org/glsa/glsa-200812-03.xml
http://secunia.com/advisories/35074
http://secunia.com/advisories/32971
http://secunia.com/advisories/32759
http://secunia.com/advisories/31624
http://secunia.com/advisories/31450
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10453
http://marc.info/?l=ipsec-tools-devel&m=121688914101709&w=2
http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

Related CVE
CVE-2019-14763
In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.
CVE-2018-20961
In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c in the f_midi driver may allow attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2019-10142
A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page size calculation. A...
CVE-2018-16871
A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence....
CVE-2017-18379
In the Linux kernel before 4.14, an out of boundary access happened in drivers/nvme/target/fc.c.
CVE-2016-10764
In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.
CVE-2015-9289
In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values suc...
CVE-2012-6712
In the Linux kernel before 3.4, a buffer overflow occurs in drivers/net/wireless/iwlwifi/iwl-agn-sta.c, which will cause at least memory corruption.

Copyright 2019, cxsecurity.com

 

Back to Top