[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: unauthorized deletion of IPsec (and ISAKMP) SAs in racoon

To: thomas@thinknerd.org
Subject: Re: unauthorized deletion of IPsec (and ISAKMP) SAs in racoon
From: itojun@kame.net
Date: Fri, 16 Jan 2004 12:11:49 +0900 (JST)

> > 0 Preface
> > 
> >   Now that most bugs in isakmpd that allowed for unauthorized SA
> >   deletion are "fixed", it's time to release some information on racoon.
> > 
> >   By the way: About 5 months ago I tried to contact the KAME developers.
>       sorry that we did not take necessary actions that time.  the attached
>       patch should remedy the problem (credit: IIJ SEIL team).
>       kame as well as netbsd repository are updated, and vendors are informed.

        the patch i've attached yesterday had endian problem (does not work on
        little-endian machine).  if you are using the code, please pull the
        latest code from KAME anoncvs or ftp://ftp.kame.net/pub/kame/misc.
        sorry about the mess.

itojun

References:
- Re: unauthorized deletion of IPsec (and ISAKMP) SAs in racoon
  - From: itojun@kame.net

Prev by Date: [OpenPKG-SA-2004.002] OpenPKG Security Advisory (tcpdump)
Next by Date: Xtreme ASP Photo Gallery
Previous by thread: Re: unauthorized deletion of IPsec (and ISAKMP) SAs in racoon
Next by thread: Snort-inline
Index(es):
- Date
- Thread