Description
The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
Product(s):
- IPsec-tools 0.3.3
- IPsec-Tools 0.5
- KAME Racoon 2003-07-11
- KAME Racoon 2004-04-05
- KAME Racoon 2004-04-07b
- KAME Racoon 2004-05-03
- KAME Racoon 2005-01-03
- KAME Racoon 2005-01-10
- KAME Racoon 2005-01-17
- KAME Racoon 2005-01-24
- KAME Racoon 2005-01-31
- KAME Racoon 2005-02-07
- KAME Racoon 2005-02-14
- KAME Racoon 2005-02-21
- KAME Racoon 2005-02-28
- KAME Racoon 2005-03-07
- SGI ProPack 3.0
- ALT Linux 2.3 Compact Edition
- ALT Linux 2.3 Junior Edition
- Red Hat Enterprise Linux 3.0 Advanced Servers
- Red Hat Enterprise Linux 3.0 Enterprise Server Edition
- Red Hat Enterprise Linux 3.0 Workstation
- Red Hat Enterprise Linux 4.0 Advanced Server
- Red Hat Enterprise Linux 4.0 Enterprise Server
- Red Hat Enterprise Linux 4.0 Workstation
- Red Hat Desktop 3.0
- Red Hat Desktop 4.0
- SUSE Linux Desktop
- SUSE Linux Enterprise Server
- Suse Suse Linux 10 Service Pack 1 Enterprise Server Edition
- Suse Suse Linux 9.0 Enterprise Server Edition
- SuSE SuSE Linux 9.1
- SUSE Linux 9.1 on x86_64
- SuSE SuSE Linux 9.2
- SUSE Linux 9.2 on x86_64
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-0398, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-0398 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.