Search CVE reports



1 – 10 of 14 results


CVE-2018-5389

Low priority
Ignored

The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks. Reusing a key pair across different versions and modes of IKE could lead to cross-protocol authentication bypasses. It is well...

4 affected packages

ipsec-tools, isakmpd, libreswan, strongswan

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipsec-tools Not in release Not in release Ignored Ignored
isakmpd Ignored Ignored Ignored Ignored
libreswan Ignored Ignored Ignored Not in release
strongswan Ignored Ignored Ignored Ignored

CVE-2016-10396

Medium priority

Some fixes available 4 of 7

The racoon daemon in IPsec-Tools 0.8.2 contains a remotely exploitable computational-complexity attack when parsing and storing ISAKMP fragments. The implementation permits a remote attacker to exhaust computational resources on...

1 affected package

ipsec-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipsec-tools Not in release Not in release Not in release Fixed Vulnerable

CVE-2015-4047

Medium priority

Some fixes available 2 of 4

racoon/gssapi.c in IPsec-Tools 0.8.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) via a series of crafted UDP requests.

1 affected package

ipsec-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipsec-tools Not affected

CVE-2012-3727

Low priority
Ignored

Buffer overflow in the IPsec component in Apple iOS before 6 allows remote attackers to execute arbitrary code via a crafted racoon configuration file.

1 affected package

ipsec-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipsec-tools

CVE-2009-1632

Medium priority
Fixed

Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509...

1 affected package

ipsec-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipsec-tools

CVE-2009-1574

Medium priority
Fixed

racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference.

1 affected package

ipsec-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipsec-tools

CVE-2008-3652

Low priority
Fixed

src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).

1 affected package

ipsec-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipsec-tools

CVE-2008-3651

Low priority
Fixed

Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals.

1 affected package

ipsec-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipsec-tools

CVE-2008-1198

Low priority
Not affected

The default IPSec ifup script in Red Hat Enterprise Linux 3 through 5 configures racoon to use aggressive IKE mode instead of main IKE mode, which makes it easier for remote attackers to conduct brute force attacks by sniffing an...

1 affected package

ipsec-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipsec-tools

CVE-2007-1841

Unknown priority
Fixed

The isakmp_info_recv function in src/racoon/isakmp_inf.c in racoon in Ipsec-tools before 0.6.7 allows remote attackers to cause a denial of service (tunnel crash) via crafted (1) DELETE (ISAKMP_NPTYPE_D) and (2) NOTIFY...

1 affected package

ipsec-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
ipsec-tools