|
|
|
Choosing A Webhost: |
[USN-107-1] racoon vulnerability: msg#00004linux.ubuntu.security.announce
=========================================================== Ubuntu Security Notice USN-107-1 April 05, 2005 ipsec-tools vulnerability CAN-2005-0398 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: racoon The problem can be corrected by upgrading the affected package to version 0.3.3-1ubuntu0.1. In general, a standard system upgrade is sufficient to effect the necessary changes. Details follow: Sebastian Krahmer discovered a Denial of Service vulnerability in the racoon daemon. By sending specially crafted ISAKMP packets, a remote attacker could trigger a buffer overflow which caused racoon to crash. This update does not introduce any source code changes affecting the ipsec-tools package. It is necessary to update the version number of the package in order to support an update to the "racoon" package. Please note that racoon is not officially supported by Ubuntu (it is in the "universe" component of the archive). Source archives: http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1.diff.gz Size/MD5: 191538 4cde6e53403236be32d6640b0c3e0482 http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1.dsc Size/MD5: 705 022ba833374033ad5089ff1250dd0360 http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3.orig.tar.gz Size/MD5: 864122 b141da8ae299c8fdc53e536f6bbc3ad0 amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1_amd64.deb Size/MD5: 106112 96d79a33ea9fca8a4e62b9be790ecc91 http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.1_amd64.deb Size/MD5: 201304 800c93f6ea50b99b635364b8acb98d7b i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1_i386.deb Size/MD5: 101104 f36df353beb372625da1aaefd7f641e5 http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.1_i386.deb Size/MD5: 186172 d0213fee3f32816c0e83c227064891fc powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1_powerpc.deb Size/MD5: 108824 cc6193f450715b21e4c16b8bea002399 http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.1_powerpc.deb Size/MD5: 195936 4ab4dd044d8f31d17d8022bcd8539370
Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
|
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | [USN-106-1] Gaim vulnerabilities, Martin Pitt |
|---|---|
| Next by Date: | [USN-108-1] GDK vulnerability, Martin Pitt |
| Previous by Thread: | [USN-106-1] Gaim vulnerabilities, Martin Pitt |
| Next by Thread: | [USN-108-1] GDK vulnerability, Martin Pitt |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
Free MagazinesCisco NewsReceive a free quarterly e-newsletter with exclusive articles on how Cisco IT uses its own products and solutions to enable the business. subscribe Systems Management News, the newspaper for IT systems administration and data center managers! Each issue of Systems Management News is chock-full of news and analysis to help you understand what's happening in your field. subscribe The Enterprise Newsweekly eWeek is the essential technology information source for builders of e-business. subscribe Oracle Magazine Oracle Magazine contains technology strategy articles, sample code, tips, Oracle and partner news, how to articles for developers and DBAs, and more. Oracle (NASDAQ: ORCL) is the world's largest enterprise software company. subscribe Total Telecom Total Telecom is "The Economist of the communications industry". subscribe |
