FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
35431f79-fe3e-11e4-ba63-000c292ee6b8ipsec-tools -- Memory leak leading to denial of service

Javantea reports:

It is a null dereference crash, leading to denial of service against the IKE daemon.


Discovery 2015-05-18
Entry 2015-05-19
ipsec-tools
< 0.8.2_1

https://www.altsci.com/ipsec/
974a6d32-3fda-11e8-aea4-001b216d295bipsec-tools -- remotely exploitable computational-complexity attack

Robert Foggia via NetBSD GNATS reports:

The ipsec-tools racoon daemon contains a remotely exploitable computational complexity attack when parsing and storing isakmp fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending isakmp fragment packets in a particular order such that the worst-case computational complexity is realized in the algorithm utilized to determine if reassembly of the fragments can take place.


Discovery 2016-12-02
Entry 2018-04-14
ipsec-tools
< 0.8.2_3

https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=51682
CVE-2016-10396
abcacb5a-e7f1-11dd-afcd-00e0815b8da8ipset-tools -- Denial of Service Vulnerabilities

SecurityFocus reports:

IPsec-Tools is affected by multiple remote denial-of-service vulnerabilities because the software fails to properly handle certain network packets.

A successful attack allows a remote attacker to crash the software, denying further service to legitimate users.


Discovery 2008-07-28
Entry 2009-01-21
ipsec-tools
< 0.7.1

30657
CVE-2008-3651
CVE-2008-3652
http://marc.info/?l=ipsec-tools-devel&m=121688914101709&w=2