CVE - CVE-2009-1632

CVE-ID
CVE-2009-1632	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
APPLE:APPLE-SA-2009-11-09-1 URL:http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html BID:34765 URL:http://www.securityfocus.com/bid/34765 CONFIRM:http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c CONFIRM:http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/crypto_openssl.c.diff?r1=1.11.6.4&r2=1.11.6.5&f=h CONFIRM:http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c CONFIRM:http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/nattraversal.c.diff?r1=1.6&r2=1.6.6.1&f=h CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 CONFIRM:http://sourceforge.net/project/shownotes.php?group_id=74601&release_id=677611 CONFIRM:http://support.apple.com/kb/HT3937 CONFIRM:https://trac.ipsec-tools.net/ticket/303 DEBIAN:DSA-1804 URL:http://www.debian.org/security/2009/dsa-1804 GENTOO:GLSA-200905-03 URL:http://security.gentoo.org/glsa/glsa-200905-03.xml MANDRIVA:MDVSA-2009:114 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2009:114~~ (Obsolete source) MLIST:[ipsec-tools-announce] 20090422 Ipsec-tools 0.7.2 released URL:http://sourceforge.net/mailarchive/forum.php?thread_name=20090422151825.GB46988%40zeninc.net&forum_name=ipsec-tools-announce MLIST:[oss-security] 20090429 ipsec-tools 0.7.2 URL:http://marc.info/?l=oss-security&m=124101704828036&w=2 MLIST:[oss-security] 20090512 Re: ipsec-tools 0.7.2 URL:http://www.openwall.com/lists/oss-security/2009/05/12/3 OVAL:oval:org.mitre.oval:def:10581 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10581 REDHAT:RHSA-2009:1036 URL:http://www.redhat.com/support/errata/RHSA-2009-1036.html SECUNIA:35153 URL:http://secunia.com/advisories/35153 SECUNIA:35159 URL:http://secunia.com/advisories/35159 SECUNIA:35212 URL:http://secunia.com/advisories/35212 SECUNIA:35404 URL:http://secunia.com/advisories/35404 SECUNIA:35685 URL:http://secunia.com/advisories/35685 SUSE:SUSE-SR:2009:012 URL:http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html UBUNTU:USN-785-1 URL:http://www.ubuntu.com/usn/USN-785-1 VUPEN:ADV-2009-3184 URL:~~http://www.vupen.com/english/advisories/2009/3184~~ (Obsolete source)
Assigning CNA
MITRE Corporation
Date Record Created
20090514	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20090514)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)