Summary
This host is installed with IPSec-Tools for Linux and is prone to Memory Leakage Vulnerability.
Impact
Successful exploitation will let the attacker cause multiple memory leaks or memory consumption through signature verification during user authentication with X.509 certificates.
Impact level: System/Application
Solution
Upgrade to the latest version 0.7.2
http://ipsec-tools.sourceforge.net
Insight
Multiple memory leaks are cause due to error in eay_check_x509sign function in 'src/racoon/crypto_openssl.c' and NAT Traversal keepalive implementation in 'src/racoon/nattraversal.c' files.
Affected
IPsec Tools version prior to 0.7.2
References
Severity
Classification
-
CVE CVE-2009-1632 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities