Summary
This host is installed with IPSec-Tools for Linux and is prone to Memory Leakage Vulnerability.
Impact
Successful exploitation will let the attacker cause multiple memory leaks or memory consumption through signature verification during user authentication with X.509 certificates.
Impact level: System/Application
Solution
Upgrade to the latest version 0.7.2
http://ipsec-tools.sourceforge.net
Insight
Multiple memory leaks are cause due to error in eay_check_x509sign function in 'src/racoon/crypto_openssl.c' and NAT Traversal keepalive implementation in 'src/racoon/nattraversal.c' files.
Affected
IPsec Tools version prior to 0.7.2
References
Severity
Classification
-
CVE CVE-2009-1632 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apple Safari WebKit Property Memory Leak Remote DoS Vulnerability
- Comodo Internet Security Denial of Service Vulnerability-04
- Apple Safari JavaScript 'Reload()' DoS Vulnerability - July09
- avast! AntiVirus Multiple BOF Vulnerabilities (Linux)
- at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability