CVE-2008-3651

Public PoC / Exploit

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Memory leak in racoon/proposal.c in the racoon daemon in ipsec-tools before 0.7.1 allows remote authenticated users to cause a denial of service (memory consumption) via invalid proposals.

Weaknesses (CWE)

CWE-200

Affected Products (12)

linux · ipsec_tools_racoon_daemonvulnerable

References (20)

http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html

http://lists.apple.com/archives/security-announce/2009/May/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html

http://marc.info/?l=ipsec-tools-devel&m=121688914101709&w=2

http://secunia.com/advisories/31450

http://secunia.com/advisories/31624

http://secunia.com/advisories/32759

http://secunia.com/advisories/32971

http://secunia.com/advisories/35074

http://security.gentoo.org/glsa/glsa-200812-03.xml

http://sourceforge.net/mailarchive/message.php?msg_name=20080724084529.GA3768%40zen.inc