USN-785-1 -- ipsec-tools vulnerabilitiesID: oval:org.secpod.oval:def:700335 | Date: (C)2011-05-13 (M)2021-06-02 |
Class: PATCH | Family: unix |
It was discovered that ipsec-tools did not properly handle certain fragmented packets. A remote attacker could send specially crafted packets to the server and cause a denial of service. It was discovered that ipsec-tools did not properly handle memory usage when verifying certificate signatures or processing nat-traversal keep-alive messages. A remote attacker could send specially crafted packets to the server and exhaust available memory, leading to a denial of service
Platform: |
Ubuntu 8.04 |
Ubuntu 9.04 |
Ubuntu 6.06 |
Ubuntu 8.10 |