Re: unauthorized deletion of IPsec (and ISAKMP) SAs in racoon

To: thomas@xxxxxxxxxxxxx
Subject: Re: unauthorized deletion of IPsec (and ISAKMP) SAs in racoon
From: itojun@xxxxxxxx
Date: Fri, 16 Jan 2004 12:11:49 +0900 (JST)
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: Your message of "Wed, 14 Jan 2004 18:26:26 +0900 (JST)" <20040114092626.4D3E1A4@xxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <20040114092626.4D3E1A4@xxxxxxxxxxxxxxxxxx>

> > 0 Preface
> > 
> >   Now that most bugs in isakmpd that allowed for unauthorized SA
> >   deletion are "fixed", it's time to release some information on racoon.
> > 
> >   By the way: About 5 months ago I tried to contact the KAME developers.
>       sorry that we did not take necessary actions that time.  the attached
>       patch should remedy the problem (credit: IIJ SEIL team).
>       kame as well as netbsd repository are updated, and vendors are informed.

        the patch i've attached yesterday had endian problem (does not work on
        little-endian machine).  if you are using the code, please pull the
        latest code from KAME anoncvs or ftp://ftp.kame.net/pub/kame/misc.
        sorry about the mess.

itojun

References:
- Re: unauthorized deletion of IPsec (and ISAKMP) SAs in racoon
  - From: itojun

Prev by Date: Multiple MetaDot Vulnerabilities [ All Versions ]
Next by Date: phpShop Vulnerabilities
Previous by thread: Re: unauthorized deletion of IPsec (and ISAKMP) SAs in racoon
Next by thread: Snort-inline
Index(es):
- Date
- Thread