CVE-2005-0398
CVSS 5.0
Published: 2005-03-14 00:00:00
Last revised: 2011-03-07 21:19:54

[Original] The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.


[CNNVD] KAME Denial of Service Vulnerability (CNNVD-200503-110)

        Remote attackers can cause a denial of service (crash) in the KAME racoon daemon in ipsec-tools versions before 0.5 by means of malformed ISAKMP packets.

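- CVSS (Base Score)

CVSS score: 5 [MEDIUM]
Confidentiality impact: NONE [no impact on the confidentiality of the system]
Integrity impact: NONE [no impact on the integrity of the system]
Availability impact: PARTIAL [may cause reduced performance or interruptions in resource access]
Attack complexity: LOW [exploitation has no access restrictions]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]

- CPE (Affected Platforms and Products)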

cpe:/a:kame:racoon:2005-01-17
cpe:/o:redhat:enterprise_linux:4.0::advanced_server
cpe:/a:kame:racoon:2005-02-28
cpe:/o:redhat:enterprise_linux:3.0::advanced_servers
cpe:/a:sgi:propack:3.0  SGI ProPack 3.0
cpe:/o:redhat:enterprise_linux:4.0::workstation
cpe:/o:suse:suse_linux:9.2  SuSE SuSE Linux 9.2
cpe:/a:kame:racoon:2005-02-21
cpe:/a:kame:racoon:2004-05-03
cpe:/a:kame:racoon:2003-07-11
cpe:/o:suse:suse_linux:::desktop
cpe:/o:redhat:enterprise_linux_desktop:4.0  Red Hat Desktop 4.0
cpe:/o:redhat:enterprise_linux:3.0::enterprise_server
cpe:/o:suse:suse_linux:9.1  SuSE SuSE Linux 9.1
cpe:/a:kame:racoon:2005-01-31
cpe:/o:suse:suse_linux:9.1::x86_64
cpe:/a:ipsec-tools:ipsec-tools:0.5
cpe:/a:kame:racoon:2005-01-24
cpe:/a:kame:racoon:2004-04-07b
cpe:/o:altlinux:alt_linux:2.3::compact
cpe:/o:altlinux:alt_linux:2.3::junior
cpe:/o:redhat:enterprise_linux:3.0::workstation
cpe:/a:kame:racoon:2005-02-14
cpe:/a:kame:racoon:2005-01-10
cpe:/a:kame:racoon:2004-04-05
cpe:/o:suse:suse_linux:9.2::x86_64
cpe:/a:kame:racoon:2005-01-03
cpe:/o:suse:suse_linux:::enterprise_server
cpe:/a:kame:racoon:2005-03-07
cpe:/o:redhat:enterprise_linux_desktop:3.0  Red Hat Desktop 3.0
cpe:/a:ipsec-tools:ipsec-tools:0.3.3
cpe:/a:kame:racoon:2005-02-07
cpe:/o:redhat:enterprise_linux:4.0::enterprise_server

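- OVAL (Technical Details for Detection)

oval:org.mitre.oval:def:10028  The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.
* OVAL describes in detail how to detect this vulnerability; further technical details on detecting it can be found in the related OVAL definition.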

- Official Database Links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0398
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0398
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200503-110
(Official data source) CNNVD

- Other Links and Resources

https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966&action=view
(VENDOR_ADVISORY)  MISC  https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=109966&action=view
http://xforce.iss.net/xforce/xfdb/19707
(VENDOR_ADVISORY)  XF  racoon-isakmp-header-dos(19707)
http://www.securityfocus.com/bid/12804
(VENDOR_ADVISORY)  BID  12804
http://www.redhat.com/support/errata/RHSA-2005-232.html
(VENDOR_ADVISORY)  REDHAT  RHSA-2005:232
http://sourceforge.net/mailarchive/forum.php?thread_id=6787713&forum_id=32000
(VENDOR_ADVISORY)  MLIST  [ipsec-tools-devel] 20050312 potential remote crash in racoon
http://securitytracker.com/id?1013433
(VENDOR_ADVISORY)  SECTRACK  1013433
http://security.gentoo.org/glsa/glsa-200503-33.xml
(VENDOR_ADVISORY)  GENTOO  GLSA-200503-33
http://secunia.com/advisories/14584
(VENDOR_ADVISORY)  SECUNIA  14584
http://www.vupen.com/english/advisories/2005/0264
(UNKNOWN)  VUPEN  ADV-2005-0264
http://www.mandriva.com/security/advisories?name=MDKSA-2005:062
(UNKNOWN)  MANDRAKE  MDKSA-2005:062

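- Vulnerability Information

KAME Denial of Service Vulnerability
Medium severity  Boundary condition error
2005-03-14 00:00:00 2009-06-13 00:00:00
Remote
        Remote attackers can cause a denial of service (crash) in the KAME racoon daemon in ipsec-tools versions before 0.5 by means of malformed ISAKMP packets.

- Advisories and Patches

        The vendor has released upgrade patches to fix this security issue. Patch download links: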
        KAME Racoon 20050214
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20050110
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20040405
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20050103
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20050207
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20040503
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20050307
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20050117
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20050124
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20050228
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20050221
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20030711
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20050131
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon 20040407b
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        KAME Racoon
        KAME racoon 20050314
        http://www.kame.net/snap-users/
        IPsec-Tools IPsec-Tools 0.3.3
        Ubuntu ipsec-tools_0.3.3-1ubuntu0.1_amd64.deb
        Ubuntu 4.10 (Warty Warthog)
        http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1_amd64.deb
        Ubuntu ipsec-tools_0.3.3-1ubuntu0.1_i386.deb
        Ubuntu 4.10 (Warty Warthog)
        http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1_i386.deb
        Ubuntu ipsec-tools_0.3.3-1ubuntu0.1_powerpc.deb
        Ubuntu 4.10 (Warty Warthog)
        http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.3.3-1ubuntu0.1_powerpc.deb
        Ubuntu racoon_0.3.3-1ubuntu0.1_amd64.deb
        Ubuntu 4.10 (Warty Warthog)
        http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.1_amd64.deb
        Ubuntu racoon_0.3.3-1ubuntu0.1_i386.deb
        Ubuntu 4.10 (Warty Warthog)
        http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.1_i386.deb
        Ubuntu racoon_0.3.3-1ubuntu0.1_powerpc.deb
        Ubuntu 4.10 (Warty Warthog)
        http://security.ubuntu.com/ubuntu/pool/universe/i/ipsec-tools/racoon_0.3.3-1ubuntu0.1_powerpc.deb
        IPsec-Tools IPsec-Tools 0.5
        Fedora ipsec-tools-0.5-2.fc2.i386.rpm
        RedHat Fedora Core 2
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
        Fedora ipsec-tools-0.5-2.fc2.x86_64.rpm
        RedHat Fedora Core 2
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
        Fedora ipsec-tools-0.5-2.fc3.i386.rpm
        RedHat Fedora Core 3
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
        Fedora ipsec-tools-0.5-2.fc3.x86_64.rpm
        RedHat Fedora Core 3
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
        Fedora ipsec-tools-debuginfo-0.5-2.fc2.i386.rpm
        RedHat Fedora Core 2
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
        Fedora ipsec-tools-debuginfo-0.5-2.fc2.x86_64.rpm
        RedHat Fedora Core 2
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/
        Fedora ipsec-tools-debuginfo-0.5-2.fc3.i386.rpm
        RedHat Fedora Core 3
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
        Fedora ipsec-tools-debuginfo-0.5-2.fc3.x86_64.rpm
        RedHat Fedora Core 3
        http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/
        SCO Open Server 6.0
        SCO SCOSA-2005.52
        OpenServer 6.0.0
        ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.52
        SCO Unixware 7.1.4
        SCO erg712818.uw714.pkg.Z
        ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.37
        S.u.S.E. Linux Personal 9.1 x86_64
        SuSE ipsec-tools-0.3.3-1.6.x86_64.rpm
        ftp://ftp.suse.com/pub/suse/x86_64/update/9.1/rpm/x86_64/ipsec-tools-0.3.3-1.6.x86_64.rpm
        S.u.S.E. Linux Personal 9.1
        SuSE ipsec-tools-0.3.3-1.6.i586.rpm
        ftp://ftp.suse.com/pub/suse/i386/update/9.1/rpm/i586/ipsec-tools-0.3.3-1.6.i586.rpm
        S.u.S.E. Linux Personal 9.2
        SuSE i

- Vulnerability Information (F36811)

Gentoo Linux Security Advisory 200503-33 (PacketStormID:F36811)
2005-03-25 00:00:00
Gentoo  security.gentoo.org
advisory,remote,denial of service
linux,gentoo
CVE-2005-0398

Gentoo Linux Security Advisory GLSA 200503-33 - Sebastian Krahmer has reported a potential remote Denial of Service vulnerability in the ISAKMP header parsing code of racoon. Versions less than 0.5-r1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200503-33
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: IPsec-Tools: racoon Denial of Service
      Date: March 25, 2005
      Bugs: #84479
        ID: 200503-33

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

IPsec-Tools' racoon is affected by a remote Denial of Service
vulnerability.

Background
==========

IPsec-Tools is a port of KAME's implementation of the IPsec utilities.
It contains a collection of network monitoring tools, including racoon,
ping, and ping6.

Affected packages
=================

    -------------------------------------------------------------------
     Package                   /  Vulnerable  /             Unaffected
    -------------------------------------------------------------------
  1  net-firewall/ipsec-tools      < 0.5-r1                 *>= 0.4-r1
                                                             >= 0.5-r1

Description
===========

Sebastian Krahmer has reported a potential remote Denial of Service
vulnerability in the ISAKMP header parsing code of racoon.

Impact
======

An attacker could possibly cause a Denial of Service of racoon using a
specially crafted ISAKMP packet.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All IPsec-Tools users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=net-firewall/ipsec-tools-0.4-r1"

References
==========

  [ 1 ] CAN-2005-0398
        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0398
  [ 2 ] ipsec-tools-devel posting
        http://sourceforge.net/mailarchive/forum.php?thread_id=6787713&forum_id=32000

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200503-33.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2005 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0
    

- Vulnerability Information

14776
IPsec-Tools racoon Daemon ISAKMP Header Parsing Remote DoS
Remote / Network Access Denial of Service
Loss of Availability

- Vulnerability Description

- Timeline

2005-03-12 Unknown
Unknown Unknown

- Solution

Products

Unknown or Incomplete

- Related References

- Vulnerability Credit

Unknown or Incomplete

- Vulnerability Information

KAME Racoon Malformed ISAKMP Packet Headers Denial of Service Vulnerability
Boundary Condition Error 12804
Yes No
2005-03-14 12:00:00 2009-07-12 10:56:00
Discovery is credited to Sebastian Krahmer.

- Affected Program Versions

SGI ProPack 3.0
SCO Unixware 7.1.4
SCO Open Server 6.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Enterprise Server 9
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Desktop 4.0
RedHat Desktop 3.0
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
KAME Racoon 20050307
KAME Racoon 20050228
KAME Racoon 20050221
KAME Racoon 20050214
KAME Racoon 20050207
KAME Racoon 20050131
KAME Racoon 20050124
KAME Racoon 20050117
KAME Racoon 20050110
KAME Racoon 20050103
KAME Racoon 20040503
KAME Racoon 20040407b
KAME Racoon 20040405
KAME Racoon 20030711
+ FreeBSD FreeBSD 4.9
KAME Racoon
+ FreeBSD FreeBSD 4.9
+ NetBSD NetBSD 1.6.1
+ NetBSD NetBSD 1.6
IPsec-Tools IPsec-Tools 0.5
+ Red Hat Fedora Core3
+ Red Hat Fedora Core2
IPsec-Tools IPsec-Tools 0.3.3
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Gentoo Linux
ALT Linux ALT Linux Junior 2.3
ALT Linux ALT Linux Compact 2.3
KAME Racoon 20050314
IPsec-Tools IPsec-Tools 0.5.1

- Unaffected Program Versions

KAME Racoon 20050314
IPsec-Tools IPsec-Tools 0.5.1

- Vulnerability Discussion

KAME's racoon is reported prone to a vulnerability that may allow a remote attacker to cause a denial-of-service condition in the application.

This issue arises from a boundary condition error when the application handles malformed ISAKMP packets.

Versions of racoon prior to 20050307 are considered vulnerable to this issue.

- Exploit


Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com

- Solution


The vendor has released a SNAP upgrade to address this issue.

Please see the referenced advisories for further information.


KAME Racoon 20050214

KAME Racoon 20050110

KAME Racoon 20040405

KAME Racoon 20050103

KAME Racoon 20050207

KAME Racoon 20040503

KAME Racoon 20050307

KAME Racoon 20050117

KAME Racoon 20050124

KAME Racoon 20050228

KAME Racoon 20050221

KAME Racoon 20030711

KAME Racoon 20050131

KAME Racoon 20040407b

KAME Racoon

IPsec-Tools IPsec-Tools 0.3.3

IPsec-Tools IPsec-Tools 0.5

SCO Open Server 6.0

SCO Unixware 7.1.4

S.u.S.E. Linux Personal 9.1 x86_64

S.u.S.E. Linux Personal 9.1

S.u.S.E. Linux Personal 9.2

S.u.S.E. Linux Personal 9.2 x86_64

- Related References

 

 
