- Issued:
- 2006-04-25
- Updated:
- 2006-04-25
RHSA-2006:0267 - Security Advisory
Synopsis
ipsec-tools security update
Type/Severity
Security Advisory: Moderate
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated ipsec-tools packages that fix a bug in racoon are now available.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Description
The ipsec-tools package is used in conjunction with the IPsec functionality
in the linux kernel and includes racoon, an IKEv1 keying daemon.
A denial of service flaw was found in the ipsec-tools racoon daemon. If a
victim's machine has racoon configured in a non-recommended insecure
manner, it is possible for a remote attacker to crash the racoon daemon.
(CVE-2005-3732)
Users of ipsec-tools should upgrade to these updated packages, which contain
backported patches, and are not vulnerable to these issues.
Solution
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
Affected Products
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux Server 3 x86_64
- Red Hat Enterprise Linux Server 3 ia64
- Red Hat Enterprise Linux Server 3 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Workstation 3 x86_64
- Red Hat Enterprise Linux Workstation 3 ia64
- Red Hat Enterprise Linux Workstation 3 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux Desktop 3 x86_64
- Red Hat Enterprise Linux Desktop 3 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for IBM z Systems 3 s390x
- Red Hat Enterprise Linux for IBM z Systems 3 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
- Red Hat Enterprise Linux for Power, big endian 3 ppc
Fixes
- BZ - 173841 - CVE-2005-3732 ipsec-tools IKE DoS
- BZ - 181605 - CVE-2005-3732 ipsec-tools IKE DoS
CVEs
Red Hat Enterprise Linux Server 4
| SRPM | |
|---|---|
| ipsec-tools-0.3.3-6.rhel4.1.src.rpm | SHA-256: 965a0688fa2dd7ec5ad47b6ff0fb57c40726f1a9c56ed938daf4062117f5a244 |
| x86_64 | |
| ipsec-tools-0.3.3-6.rhel4.1.x86_64.rpm | SHA-256: 4b77cc7220a14c20d959f407e202b5c8b14a842a7506f96b23bca57ea871167a |
| ipsec-tools-0.3.3-6.rhel4.1.x86_64.rpm | SHA-256: 4b77cc7220a14c20d959f407e202b5c8b14a842a7506f96b23bca57ea871167a |
| ia64 | |
| ipsec-tools-0.3.3-6.rhel4.1.ia64.rpm | SHA-256: b8bcd7bf3b9c4e5ba2874c6cd277c31f04ebd15b7a36e922699ad00f82734374 |
| ipsec-tools-0.3.3-6.rhel4.1.ia64.rpm | SHA-256: b8bcd7bf3b9c4e5ba2874c6cd277c31f04ebd15b7a36e922699ad00f82734374 |
| i386 | |
| ipsec-tools-0.3.3-6.rhel4.1.i386.rpm | SHA-256: 49a9676ce75b673284ceacf772b5cb97775b4385040a44337f2fbd39d72d545a |
| ipsec-tools-0.3.3-6.rhel4.1.i386.rpm | SHA-256: 49a9676ce75b673284ceacf772b5cb97775b4385040a44337f2fbd39d72d545a |
Red Hat Enterprise Linux Server 3
| SRPM | |
|---|---|
| x86_64 | |
| ia64 | |
| i386 |
Red Hat Enterprise Linux Workstation 4
| SRPM | |
|---|---|
| ipsec-tools-0.3.3-6.rhel4.1.src.rpm | SHA-256: 965a0688fa2dd7ec5ad47b6ff0fb57c40726f1a9c56ed938daf4062117f5a244 |
| x86_64 | |
| ipsec-tools-0.3.3-6.rhel4.1.x86_64.rpm | SHA-256: 4b77cc7220a14c20d959f407e202b5c8b14a842a7506f96b23bca57ea871167a |
| ia64 | |
| ipsec-tools-0.3.3-6.rhel4.1.ia64.rpm | SHA-256: b8bcd7bf3b9c4e5ba2874c6cd277c31f04ebd15b7a36e922699ad00f82734374 |
| i386 | |
| ipsec-tools-0.3.3-6.rhel4.1.i386.rpm | SHA-256: 49a9676ce75b673284ceacf772b5cb97775b4385040a44337f2fbd39d72d545a |
Red Hat Enterprise Linux Workstation 3
| SRPM | |
|---|---|
| x86_64 | |
| ia64 | |
| i386 |
Red Hat Enterprise Linux Desktop 4
| SRPM | |
|---|---|
| ipsec-tools-0.3.3-6.rhel4.1.src.rpm | SHA-256: 965a0688fa2dd7ec5ad47b6ff0fb57c40726f1a9c56ed938daf4062117f5a244 |
| x86_64 | |
| ipsec-tools-0.3.3-6.rhel4.1.x86_64.rpm | SHA-256: 4b77cc7220a14c20d959f407e202b5c8b14a842a7506f96b23bca57ea871167a |
| i386 | |
| ipsec-tools-0.3.3-6.rhel4.1.i386.rpm | SHA-256: 49a9676ce75b673284ceacf772b5cb97775b4385040a44337f2fbd39d72d545a |
Red Hat Enterprise Linux Desktop 3
| SRPM | |
|---|---|
| x86_64 | |
| i386 |
Red Hat Enterprise Linux for IBM z Systems 4
| SRPM | |
|---|---|
| ipsec-tools-0.3.3-6.rhel4.1.src.rpm | SHA-256: 965a0688fa2dd7ec5ad47b6ff0fb57c40726f1a9c56ed938daf4062117f5a244 |
| s390x | |
| ipsec-tools-0.3.3-6.rhel4.1.s390x.rpm | SHA-256: cb19cabce052122a1869dbfcf32d9fdd12029b56a37483303f96439fad0c747e |
| s390 | |
| ipsec-tools-0.3.3-6.rhel4.1.s390.rpm | SHA-256: 48263db45f0dc12498320b07e841058dcc1b034b79c7b6f3e0ee6cb32f3994de |
Red Hat Enterprise Linux for IBM z Systems 3
| SRPM | |
|---|---|
| s390x | |
| s390 |
Red Hat Enterprise Linux for Power, big endian 4
| SRPM | |
|---|---|
| ipsec-tools-0.3.3-6.rhel4.1.src.rpm | SHA-256: 965a0688fa2dd7ec5ad47b6ff0fb57c40726f1a9c56ed938daf4062117f5a244 |
| ppc | |
| ipsec-tools-0.3.3-6.rhel4.1.ppc.rpm | SHA-256: d11a465d6c8ac2511c805755b6cda7168242856690cbc2079cbce3a683ecac72 |
Red Hat Enterprise Linux for Power, big endian 3
| SRPM | |
|---|---|
| ppc |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
