CVE-2008-3652

Publication date 13 August 2008

Last updated 24 July 2024


Ubuntu priority

src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).

Status

Package Ubuntu Release Status
ipsec-tools 8.10 intrepid
Not affected
8.04 LTS hardy
Fixed 1:0.6.7-1.1ubuntu1.1
7.10 gutsy
Fixed 1:0.6.6-3.1ubuntu3.1
7.04 feisty
Fixed 1:0.6.6-3ubuntu3.1
6.06 LTS dapper
Fixed 1:0.6.5-4ubuntu1.2

References

Related Ubuntu Security Notices (USN)

    • USN-641-1
    • Racoon vulnerabilities
    • 8 September 2008

Other references