home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Date: Tue, 13 Dec 2005 21:49:40 +0100 (CET) From: Paul Wouters <paul@xelerance.com> To: Thierry Carrez <koon@gentoo.org> Cc: gentoo-announce@lists.gentoo.org, bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk, security-alerts@linuxsecurity.com In-Reply-To: <439D8C37.10802@gentoo.org> Message-ID: <Pine.LNX.4.63.0512132146180.12269@newpack.xtdnet.nl> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-xtdnet-MailScanner-From: paul@xelerance.com On Mon, 12 Dec 2005, Thierry Carrez wrote: > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > Gentoo Linux Security Advisory GLSA 200512-04 > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > http://security.gentoo.org/ > - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - > > Severity: Normal > Title: Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol > implementation > Date: December 12, 2005 > Bugs: #112568, #113201 > ID: 200512-04 > Openswan and IPsec-Tools suffer from an implementation flaw which may > allow a Denial of Service attack. That is correct (for openswan) > Impact > ====== > > A remote attacker can create a specially crafted packet using 3DES with > an invalid key length, resulting in a Denial of Service attack, format > string vulnerabilities or buffer overflows. That's a copy and paste from the IPsec proto testsuite. 1) It conflicts with the above comment that this is only a DOS 2) It's incorrect (for openswan) > Workaround > ========== > > Avoid using "aggressive mode" in ISAKMP Phase 1, which exchanges > information between the sides before there is a secure channel. In fact, you would to both have aggressive mode enabled AND know the PSK. If you have those two enabled, you are vulnerable to a MITM anyway, since any client knowing the PSK can pretend to be the IPsec security gateway. Paul
home | help | back | first | fref | pref | prev | next | nref | lref | last | post |