| Description: | Several remote vulnerabilities have been discovered in racoon, the Internet Key Exchange daemon of ipsec-tools. The The Common Vulnerabilities and Exposures project identified the following problems: Neil Kettle discovered a NULL pointer dereference on crafted fragmented packets that contain no payload. This results in the daemon crashing which can be used for denial of service attacks. Various memory leaks in the X.509 certificate authentication handling and the NAT-Traversal keepalive implementation can result in memory exhaustion and thus denial of service. For the oldstable distribution, this problem has been fixed in version 1:0.6.6-3.1etch3. For the stable distribution, this problem has been fixed in version 1:0.7.1-1.3+lenny2. For the testing distribution, this problem will be fixed soon. For the unstable distribution, this problem has been fixed in version 1:0.7.1-1.5. We recommend that you upgrade your ipsec-tools packages. |