CVE-2008-3652
CVE-2008-3652
src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.htmlhttp://lists.apple.com/archives/security-announce/2009/May/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=501026http://secunia.com/advisories/31478http://secunia.com/advisories/31624http://secunia.com/advisories/32759http://secunia.com/advisories/32971http://secunia.com/advisories/35074http://security.gentoo.org/glsa/glsa-200812-03.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/44424