Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Mandriva Security Update Fixes IPsec-Tools Denial of Service Issues

Title : Mandriva Security Update Fixes IPsec-Tools Denial of Service Issues
VUPEN ID : VUPEN/ADV-2008-2450
CVE ID : CVE-2008-3651 - CVE-2008-3652
Rated as : Low Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2008-08-29

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

Two vulnerabilities have been identified in Mandriva, which could be exploited by attackers to cause a denial of service. These issues are caused by errors in IPsec-Tools. For additional information, see : VUPEN/ADV-2008-2345 - VUPEN/ADV-2008-2378

Affected Products

Mandriva Linux 2007.1
Mandriva Linux 2008.0
Mandriva Linux 2008.1
Mandriva Corporate 4.0,
Mandriva Multi Network Firewall 2.0

Solution

Upgrade the affected packages :

Mandriva Linux 2007.1:
e3a12410fab45488a49034076c096a12 2007.1/i586/ipsec-tools-0.6.6-2.2mdv2007.1.i586.rpm
eeb78f3ca87a91c05c69f39c13119899 2007.1/i586/libipsec0-0.6.6-2.2mdv2007.1.i586.rpm
e2014baecdcc1243e1711bb3bc4330bf 2007.1/i586/libipsec0-devel-0.6.6-2.2mdv2007.1.i586.rpm
255d8527872be4d72bbbac8be7866683 2007.1/SRPMS/ipsec-tools-0.6.6-2.2mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
cab88fba0361f7ad10d92fe4a0bcf5cf 2007.1/x86_64/ipsec-tools-0.6.6-2.2mdv2007.1.x86_64.rpm
ce73d466b05959f8432546fcc2154bdd 2007.1/x86_64/lib64ipsec0-0.6.6-2.2mdv2007.1.x86_64.rpm
7a29d409c432f251e58829479bb30c44 2007.1/x86_64/lib64ipsec0-devel-0.6.6-2.2mdv2007.1.x86_64.rpm
255d8527872be4d72bbbac8be7866683 2007.1/SRPMS/ipsec-tools-0.6.6-2.2mdv2007.1.src.rpm

Mandriva Linux 2008.0:
f969998276a204a0f102183746004665 2008.0/i586/ipsec-tools-0.6.7-1.1mdv2008.0.i586.rpm
7c16efad4b9bce8cf1ba6f3457cc58f6 2008.0/i586/libipsec0-0.6.7-1.1mdv2008.0.i586.rpm
23da7349d57158b08d2673d57d53fc50 2008.0/i586/libipsec0-devel-0.6.7-1.1mdv2008.0.i586.rpm
ef1478d445cbf1b5f80f776ec7d7752c 2008.0/SRPMS/ipsec-tools-0.6.7-1.1mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
cbeb6df9cbf7c62d235d6408ad25b1a9 2008.0/x86_64/ipsec-tools-0.6.7-1.1mdv2008.0.x86_64.rpm
b04fcb7ccbd32e801d41c4d83a7a57d9 2008.0/x86_64/lib64ipsec0-0.6.7-1.1mdv2008.0.x86_64.rpm
6f813c88f3990506069e459957bc43d7 2008.0/x86_64/lib64ipsec0-devel-0.6.7-1.1mdv2008.0.x86_64.rpm
ef1478d445cbf1b5f80f776ec7d7752c 2008.0/SRPMS/ipsec-tools-0.6.7-1.1mdv2008.0.src.rpm

Mandriva Linux 2008.1:
3be558f00238da24b450c34534914845 2008.1/i586/ipsec-tools-0.7-1.1mdv2008.1.i586.rpm
582922de31e7c3549337c68ccd948a94 2008.1/i586/libipsec0-0.7-1.1mdv2008.1.i586.rpm
55aa0129f04bfa0b3fd79eeb40e0e76f 2008.1/i586/libipsec-devel-0.7-1.1mdv2008.1.i586.rpm
36a949ae25bcdc895ba024450f910d9a 2008.1/SRPMS/ipsec-tools-0.7-1.1mdv2008.1.src.rpm

Mandriva Linux 2008.1/X86_64:
ca6754c65ae12d91cc9eba32009ea6a9 2008.1/x86_64/ipsec-tools-0.7-1.1mdv2008.1.x86_64.rpm
e74682fd89ee6649d41e03c5135faebe 2008.1/x86_64/lib64ipsec0-0.7-1.1mdv2008.1.x86_64.rpm
55d777ad6fe96f53fa6ca436b5921580 2008.1/x86_64/lib64ipsec-devel-0.7-1.1mdv2008.1.x86_64.rpm
36a949ae25bcdc895ba024450f910d9a 2008.1/SRPMS/ipsec-tools-0.7-1.1mdv2008.1.src.rpm

Corporate 4.0:
c5146f5b46e8386687a1b37fe0dc29f9 corporate/4.0/i586/ipsec-tools-0.6.5-2.2.20060mlcs4.i586.rpm
9c25c57f06839afbf55dd31547000721 corporate/4.0/i586/libipsec0-0.6.5-2.2.20060mlcs4.i586.rpm
a565fab7f9c3ef0d48ced13bd9c84500 corporate/4.0/i586/libipsec0-devel-0.6.5-2.2.20060mlcs4.i586.rpm
87221b03544e9e9cb10491e8504813b0 corporate/4.0/SRPMS/ipsec-tools-0.6.5-2.2.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
a1ee7dd60a3ea3471b5de7a8ab875735 corporate/4.0/x86_64/ipsec-tools-0.6.5-2.2.20060mlcs4.x86_64.rpm
93ac29406969dfbcccd77858c3edb553 corporate/4.0/x86_64/lib64ipsec0-0.6.5-2.2.20060mlcs4.x86_64.rpm
268e50439113279ce14068f54d0895a8 corporate/4.0/x86_64/lib64ipsec0-devel-0.6.5-2.2.20060mlcs4.x86_64.rpm
87221b03544e9e9cb10491e8504813b0 corporate/4.0/SRPMS/ipsec-tools-0.6.5-2.2.20060mlcs4.src.rpm

Multi Network Firewall 2.0:
656584e7399fcf363ea0462e51df9baa mnf/2.0/i586/ipsec-tools-0.2.5-0.6.M20mdk.i586.rpm
c4ffd9b8ed40fd575eac7828af27ef63 mnf/2.0/i586/libipsec-tools0-0.2.5-0.6.M20mdk.i586.rpm
eb56a9bdcfbddbf8b4ff37fcb9bd9b45 mnf/2.0/SRPMS/ipsec-tools-0.2.5-0.6.M20mdk.src.rpm

References

http://www.vupen.com/english/advisories/2008/2450
http://archives.mandrivalinux.com/security-announce/2008-08/msg00027.php

ChangeLog

2008-08-29 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-07-06

     

  Microsoft Windows 0-Day
  Flaw Exploited in the Wild


  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy