New Search

Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates related to the eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T) keepalive implementation related to src/racoon/nattraversal.c.

oval:org.mitre.oval:def:10581

Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates related to the eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T) keepalive implementation related to src/racoon/nattraversal.c.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 5
  • CentOS Linux 5
  • Red Hat Enterprise Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2009-1632
Product(s):