CVE-2009-1632

Publication date 14 May 2009

Last updated 24 July 2024

Ubuntu priority

Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
ipsec-tools	9.04 jaunty	Fixed 1:0.7-2.1ubuntu1.9.04.1
	8.10 intrepid	Fixed 1:0.7-2.1ubuntu1.8.10.1
	8.04 LTS hardy	Fixed 1:0.6.7-1.1ubuntu1.2
	6.06 LTS dapper	Fixed 1:0.6.5-4ubuntu1.3

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
ipsec-tools	Upstream: http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c.diff?r1=1.11.6.4&r2=1.11.6.5&f=u Upstream: http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c.diff?r1=1.6&r2=1.6.6.1&f=u

CVE-2009-1632

Status

Patch details

References

Related Ubuntu Security Notices (USN)

Other references