ID CVE-2007-1841
Summary The isakmp_info_recv function in src/racoon/isakmp_inf.c in racoon in Ipsec-tools before 0.6.7 allows remote attackers to cause a denial of service (tunnel crash) via crafted (1) DELETE (ISAKMP_NPTYPE_D) and (2) NOTIFY (ISAKMP_NPTYPE_N) messages.
References
Vulnerable Configurations
  • cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.2
    cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.2
CVSS
Base: 4.3 (as of 11-04-2007 - 09:58)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1299.NASL
    description It was discovered that a specially crafted packet sent to the racoon ipsec key exchange server could cause a tunnel to crash, resulting in a denial of service. The oldstable distribution (sarge) isn't affected by this problem.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 25455
    published 2007-06-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25455
    title Debian DSA-1299-1 : ipsec-tools - missing input sanitising
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-0342.NASL
    description From Red Hat Security Advisory 2007:0342 : Updated ipsec-tools packages that fix a denial of service flaw in racoon are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel and includes racoon, an IKEv1 keying daemon. A denial of service flaw was found in the ipsec-tools racoon daemon. It was possible for a remote attacker, with knowledge of an existing ipsec tunnel, to terminate the ipsec connection between two machines. (CVE-2007-1841) Users of ipsec-tools should upgrade to these updated packages, which contain a backported patch that resolves this issue.
    last seen 2019-02-21
    modified 2018-08-13
    plugin id 67490
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67490
    title Oracle Linux 5 : ipsec-tools (ELSA-2007-0342)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_NOVELL-IPSEC-TOOLS-4655.NASL
    description This update fixes a security problem in novell-ipsec-tools : CVE-2007-1841: Fix a DoS in isakmp_info_recv and also a non-security bug with a crash in GSSAPI.
    last seen 2018-09-01
    modified 2014-06-13
    plugin id 30016
    published 2008-01-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=30016
    title openSUSE 10 Security Update : novell-ipsec-tools (novell-ipsec-tools-4655)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0342.NASL
    description Updated ipsec-tools packages that fix a denial of service flaw in racoon are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel and includes racoon, an IKEv1 keying daemon. A denial of service flaw was found in the ipsec-tools racoon daemon. It was possible for a remote attacker, with knowledge of an existing ipsec tunnel, to terminate the ipsec connection between two machines. (CVE-2007-1841) Users of ipsec-tools should upgrade to these updated packages, which contain a backported patch that resolves this issue.
    last seen 2019-02-21
    modified 2018-11-16
    plugin id 25330
    published 2007-05-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25330
    title RHEL 5 : ipsec-tools (RHSA-2007:0342)
  • NASL family SuSE Local Security Checks
    NASL id SUSE9_11491.NASL
    description A bug in the IKE daemon 'racoon' allowed remote attackers shut down established tunnels. (CVE-2007-1841)
    last seen 2019-02-21
    modified 2012-04-23
    plugin id 41125
    published 2009-09-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=41125
    title SuSE9 Security Update : ipsec-tools (YOU Patch Number 11491)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200705-09.NASL
    description The remote host is affected by the vulnerability described in GLSA-200705-09 (IPsec-Tools: Denial of Service) The isakmp_info_recv() function in src/racoon/isakmp_inf.c does not always check that DELETE (ISAKMP_NPTYPE_D) and NOTIFY (ISAKMP_NPTYPE_N) packets are encrypted. Impact : A remote attacker could send a specially crafted IPsec message to one of the two peers during the beginning of phase 1, resulting in the termination of the IPsec exchange. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 25186
    published 2007-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25186
    title GLSA-200705-09 : IPsec-Tools: Denial of Service
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20070517_IPSEC_TOOLS_ON_SL5_X.NASL
    description A denial of service flaw was found in the ipsec-tools racoon daemon. It was possible for a remote attacker, with knowledge of an existing ipsec tunnel, to terminate the ipsec connection between two machines. (CVE-2007-1841)
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60183
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60183
    title Scientific Linux Security Update : ipsec-tools on SL5.x i386/x86_64
  • NASL family SuSE Local Security Checks
    NASL id SUSE_IPSEC-TOOLS-3099.NASL
    description A bug in the IKE daemon 'racoon' allowed remote attackers shut down established tunnels. (CVE-2007-1841)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29466
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29466
    title SuSE 10 Security Update : ipsec-tools (ZYPP Patch Number 3099)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_IPSEC-TOOLS-3098.NASL
    description A bug in the IKE daemon 'racoon' allowed remote attackers shut down established tunnels (CVE-2007-1841).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27273
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27273
    title openSUSE 10 Security Update : ipsec-tools (ipsec-tools-3098)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-0342.NASL
    description Updated ipsec-tools packages that fix a denial of service flaw in racoon are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The ipsec-tools package is used in conjunction with the IPsec functionality in the linux kernel and includes racoon, an IKEv1 keying daemon. A denial of service flaw was found in the ipsec-tools racoon daemon. It was possible for a remote attacker, with knowledge of an existing ipsec tunnel, to terminate the ipsec connection between two machines. (CVE-2007-1841) Users of ipsec-tools should upgrade to these updated packages, which contain a backported patch that resolves this issue.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 43640
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43640
    title CentOS 5 : ipsec-tools (CESA-2007:0342)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-450-1.NASL
    description A flaw was discovered in the IPSec key exchange server 'racoon'. Remote attackers could send a specially crafted packet and disrupt established IPSec tunnels, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 28047
    published 2007-11-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=28047
    title Ubuntu 5.10 / 6.06 LTS / 6.10 : ipsec-tools vulnerability (USN-450-1)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRAKE_MDKSA-2007-084.NASL
    description The ipsec-tools package prior to version 0.6.7 allows remote attackers to cause a Denial of Service (tunnel crash) via crafted DELTE and NOTIFY messages. Updated packages have been patched to correct this issue.
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 25062
    published 2007-04-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25062
    title Mandrake Linux Security Advisory : ipsec-tools (MDKSA-2007:084)
oval via4
accepted 2013-04-29T04:06:14.106-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description The isakmp_info_recv function in src/racoon/isakmp_inf.c in racoon in Ipsec-tools before 0.6.7 allows remote attackers to cause a denial of service (tunnel crash) via crafted (1) DELETE (ISAKMP_NPTYPE_D) and (2) NOTIFY (ISAKMP_NPTYPE_N) messages.
family unix
id oval:org.mitre.oval:def:10504
status accepted
submitted 2010-07-09T03:56:16-04:00
title The isakmp_info_recv function in src/racoon/isakmp_inf.c in racoon in Ipsec-tools before 0.6.7 allows remote attackers to cause a denial of service (tunnel crash) via crafted (1) DELETE (ISAKMP_NPTYPE_D) and (2) NOTIFY (ISAKMP_NPTYPE_N) messages.
version 18
redhat via4
advisories
bugzilla
id 235388
title CVE-2007-1841 ipsec-tools racoon DoS
oval
AND
  • comment Red Hat Enterprise Linux 5 is installed
    oval oval:com.redhat.rhsa:tst:20070055001
  • comment ipsec-tools is earlier than 0:0.6.5-8.el5
    oval oval:com.redhat.rhsa:tst:20070342002
  • comment ipsec-tools is signed with Red Hat redhatrelease key
    oval oval:com.redhat.rhsa:tst:20070342003
rhsa
id RHSA-2007:0342
released 2007-05-17
severity Moderate
title RHSA-2007:0342: ipsec-tools security update (Moderate)
rpms ipsec-tools-0:0.6.5-8.el5
refmap via4
bid 23394
confirm http://sourceforge.net/project/shownotes.php?release_id=499192&group_id=74601
debian DSA-1299
gentoo GLSA-200705-09
mandriva MDKSA-2007:084
mlist [Ipsec-tools-devel] 20070406 Ipsec-tools 0.6.7 released
sectrack 1018086
secunia
  • 24815
  • 24826
  • 24833
  • 25072
  • 25142
  • 25322
  • 25560
suse SUSE-SR:2007:008
ubuntu USN-450-1
vupen ADV-2007-1310
xf ipsectools-isakmpinforecv-dos(33541)
Last major update 07-03-2011 - 21:53
Published 10-04-2007 - 18:19
Last modified 10-10-2017 - 21:32
Back to Top