CVE-2009-1574

Published: May 6, 2009Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference.

Affected (26)

Products: Ipsec Tools: Ipsec Tools

1 product

Configuration A

26 vulnerable

Vulnerable Software	Affected Versions
Ipsec Tools Ipsec Tools	Up to 0.7.1
Ipsec Tools Ipsec Tools	Version 0.1
Ipsec Tools Ipsec Tools	Version 0.2.1
Ipsec Tools Ipsec Tools	Version 0.2.2
Ipsec Tools Ipsec Tools	Version 0.2.3
Ipsec Tools Ipsec Tools	Version 0.2.4
Ipsec Tools Ipsec Tools	Version 0.2
Ipsec Tools Ipsec Tools	Version 0.3.1
Ipsec Tools Ipsec Tools	Version 0.3.2
Ipsec Tools Ipsec Tools	Version 0.3.3
Ipsec Tools Ipsec Tools	Version 0.3
Ipsec Tools Ipsec Tools	Version 0.3 rc1
Ipsec Tools Ipsec Tools	Version 0.3 rc2
Ipsec Tools Ipsec Tools	Version 0.3 rc3
Ipsec Tools Ipsec Tools	Version 0.3 rc4
Ipsec Tools Ipsec Tools	Version 0.3 rc5
Ipsec Tools Ipsec Tools	Version 0.4
Ipsec Tools Ipsec Tools	Version 0.4 rc1
Ipsec Tools Ipsec Tools	Version 0.5
Ipsec Tools Ipsec Tools	Version 0.6.1
Ipsec Tools Ipsec Tools	Version 0.6.2
Ipsec Tools Ipsec Tools	Version 0.6.3
Ipsec Tools Ipsec Tools	Version 0.6.4
Ipsec Tools Ipsec Tools	Version 0.6.5
Ipsec Tools Ipsec Tools	Version 0.6.6
Ipsec Tools Ipsec Tools	Version 0.7

References (56)

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

Source: cve@mitre.org

http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html

Source: cve@mitre.org

http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

Source: cve@mitre.org

http://secunia.com/advisories/35113

Source: cve@mitre.org

http://secunia.com/advisories/35153

Source: cve@mitre.org

http://secunia.com/advisories/35159

Source: cve@mitre.org

http://secunia.com/advisories/35212

Source: cve@mitre.org

http://secunia.com/advisories/35404

Source: cve@mitre.org

http://secunia.com/advisories/35685

Source: cve@mitre.org

http://security.gentoo.org/glsa/glsa-200905-03.xml

Source: cve@mitre.org

http://sourceforge.net/project/shownotes.php?group_id=74601&release_id=677611

Source: cve@mitre.org

http://support.apple.com/kb/HT3937

Source: cve@mitre.org

http://support.apple.com/kb/HT4298

Source: cve@mitre.org

http://www.debian.org/security/2009/dsa-1804

Source: cve@mitre.org

http://www.mandriva.com/security/advisories?name=MDVSA-2009:112

Source: cve@mitre.org

http://www.openwall.com/lists/oss-security/2009/04/29/6

Source: cve@mitre.org

Patch

http://www.openwall.com/lists/oss-security/2009/05/04/3

Source: cve@mitre.org

Patch

http://www.redhat.com/support/errata/RHSA-2009-1036.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/34765

Source: cve@mitre.org

http://www.ubuntu.com/usn/USN-785-1

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2009/3184

Source: cve@mitre.org

https://bugzilla.redhat.com/show_bug.cgi?id=497990

Source: cve@mitre.org

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/50412

Source: cve@mitre.org

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9624

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00725.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00746.html

Source: cve@mitre.org

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00789.html

Source: cve@mitre.org

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35113

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35153

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35159

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35212

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35404

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/35685

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-200905-03.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://sourceforge.net/project/shownotes.php?group_id=74601&release_id=677611

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT3937

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT4298

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2009/dsa-1804

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2009:112

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2009/04/29/6

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.openwall.com/lists/oss-security/2009/05/04/3

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.redhat.com/support/errata/RHSA-2009-1036.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/34765

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-785-1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2009/3184

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=497990

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

https://exchange.xforce.ibmcloud.com/vulnerabilities/50412

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9624

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00725.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00746.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00789.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.