Home
Home
    • Blog
    • Clinic
    • Contact
    • Download
    • Video
    • Login

Poll

Favourite console text editor in Ubuntu:

LXer -- Linux and Open Source News

  • Ohio LinuxFest Proves Real FOSS Diversity
  • Clonezilla Live
  • Web Video - Not so free
  • Ubuntu 10.10 beta – an insider’s view
  • Equinox Introduces 2 Other Brilliant Themes, Installation Made Easy via PPA
more

Linux Today

  • Editor's Note: Holiday Tech Fun
  • Mint 9: Minty fresh Linux
  • Amnesia: The Dark Descent Demo Released!
  • Android: the return of the Unix wars?
  • Songbird 1.8.0 adds support for more devices
more

Linux Insider

  • Tablet Skirmish Heats Up With Toshiba Entry
  • Samsung's Galaxy Whirls Into the Tablet Universe
  • Sony's Shocking 'Other OS' Win and Suspect Distro Popularity Trends
  • 2 Smart Backup Apps Show You the Way to Go Home
  • Cloud Computing Calms Open Source Warfare
more

USN-785-1: ipsec-tools vulnerabilities

Submitted by k4tz on Wed, 06/10/2009 - 11:47
  • Linux World
  • Security
  • Ubuntu

===========================================================

Ubuntu Security Notice USN-785-1                                               June 09, 2009

ipsec-tools vulnerabilities

CVE-2009-1574, CVE-2009-1632 ===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 6.06 LTS

Ubuntu 8.04 LTS

Ubuntu 8.10

Ubuntu 9.04

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the following package versions:

Ubuntu 6.06 LTS:

racoon 1:0.6.5-4ubuntu1.3

Ubuntu 8.04 LTS:

racoon 1:0.6.7-1.1ubuntu1.2

Ubuntu 8.10:

racoon 1:0.7-2.1ubuntu1.8.10.1

Ubuntu 9.04:

racoon 1:0.7-2.1ubuntu1.9.04.1

In general, a standard system upgrade is sufficient to effect the necessary changes.

Details follow:

It was discovered that ipsec-tools did not properly handle certain fragmented packets. A remote attacker could send specially crafted packets to the server and cause a denial of service. (CVE-2009-1574)

It was discovered that ipsec-tools did not properly handle memory usage when verifying certificate signatures or processing nat-traversal keep-alive messages. A remote attacker could send specially crafted packets to the server and exhaust available memory, leading to a denial of service. (CVE-2009-1632)

 

Source: http://www.ubuntu.com/usn/USN-785-1

  • Add new comment

Recent blog posts

  • How to install PHP-GTK in Ubuntu 10.04 Lucid Lynx
  • Download Linux Mint 9 "Xfce"
  • ISO Booting with Grub 2 in Ubuntu
  • Howto Fix Rhythmbox Iphone + Ipod Sync Issues in Ubuntu
  • How to install Ubuntu 10.04 on Thinkpad x201
  • Fix for Audio Problem in Dell Studio 1450 in Ubuntu 10.04 (lucid lynx)
  • Howto optimize Flash in Firefox on Ubuntu
  • HP Laserjet P1006 Printer not Working on Ubuntu
  • How to get video recording working with Acer Crystal Eye Webcam on Ubuntu
  • Reset your Windows password and edit the Windows Registry from Ubuntu
more

Linux World

  • Net Neutrality: what does the Google Verizon proposal mean for GNU Linux?
  • Why can't free software lead to hardware innovation?
Archive Syndicate content

Recent comments

  • Re
    34 weeks 4 days ago
  • Re
    34 weeks 4 days ago
  • Re
    35 weeks 4 days ago
  • Re
    36 weeks 1 day ago
  • Re
    36 weeks 5 days ago
  • Re
    36 weeks 5 days ago
  • Re
    37 weeks 4 hours ago
  • iwl3945
    38 weeks 4 days ago
  • HomeBank
    50 weeks 5 days ago
  • KMyMoney and direct connect to banks
    1 year 2 weeks ago
All contents copyright © 2008, Dhuha Net. All rights reserved
Ubuntudoctor® is a member of the Dhuha Network. Privacy Policy
RoopleTheme