Summary
The remote host is missing an update to freeswan
announced via advisory DSA 201-1.
Solution
https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20201-1
Insight
Bindview discovered a problem in several IPSEC implementations that do not properly handle certain very short packets. IPSEC is a set of security extensions to IP which provide authentication and encryption.
Free/SWan in Debain is affected by this and is said to cause a kernel panic.
This problem has been fixed in version 1.96-1.4 for the current stable distribution (woody) and in version 1.99-1 for the unstable distribution (sid). The old stable distribution (potato) does not contain Free/SWan packages.
We recommend that you upgrade your freeswan package.
Severity
Classification
-
CVE CVE-2002-0666 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities