Your submission was sent successfully! Close

USN-641-1: Racoon vulnerabilities

8 September 2008

Racoon vulnerabilities

Releases

Packages

Details

It was discovered that there were multiple ways to leak memory during the
IKE negotiation when handling certain packets. If a remote
attacker sent repeated malicious requests, the "racoon" key exchange
server could allocate large amounts of memory, possibly leading to a
denial of service.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 8.04
Ubuntu 7.10
Ubuntu 7.04
Ubuntu 6.06

In general, a standard system upgrade is sufficient to effect the
necessary changes.