var-200905-0196
Vulnerability from variot
racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference. Ipsec-tools of racoon/isakmp_frag.c Has a deficiency in handling fragmented packets with no payload, resulting in denial of service (DoS) There is a vulnerability that becomes a condition.Service operation disruption to a third party (DoS) There is a possibility of being put into a state. IPsec-Tools is affected by multiple remote denial-of-service vulnerabilities because the software fails to properly handle certain network packets. Versions prior to IPsec-Tools 0.7.2 are vulnerable. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2010-12-16-1 Time Capsule and AirPort Base Station (802.11n) Firmware 7.5.2
Time Capsule and AirPort Base Station (802.11n) Firmware 7.5.2 is now available and addresses the following:
CVE-ID: CVE-2008-4309 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: A remote attacker may terminate the operation of the SNMP service Description: An integer overflow exists in the netsnmp_create_subtree_cache function. By default, the 'WAN SNMP' configuration option is disabled, and the SNMP service is accessible only to other devices on the local network. This issue is addressed by applying the Net-SNMP patches.
CVE-ID: CVE-2009-2189 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: Receiving a large number of IPv6 Router Advertisement (RA) and Neighbor Discovery (ND) packets from a system on the local network may cause the base station to restart Description: A resource consumption issue exists in the base station's handling of Router Advertisement (RA) and Neighbor Discovery (ND) packets. A system on the local network may send a large number of RA and ND packets that could exhaust the base station's resources, causing it to restart unexpectedly. This issue is addressed by rate limiting incoming ICMPv6 packets. Credit to Shoichi Sakane of the KAME project, Kanai Akira of Internet Multifeed Co., Shirahata Shin and Rodney Van Meter of Keio University, and Tatuya Jinmei of Internet Systems Consortium, Inc. for reporting this issue.
CVE-ID: CVE-2010-0039 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: An attacker may be able to query services behind an AirPort Base Station or Time Capsule's NAT from the source IP of the router, if any system behind the NAT has a portmapped FTP server Description: The AirPort Extreme Base Station and Time Capsule's Application-Level Gateway (ALG) rewrites incoming FTP traffic, including PORT commands, to appear as if it is the source. An attacker with write access to an FTP server inside the NAT may issue a malicious PORT command, causing the ALG to send attacker-supplied data to an IP and port behind the NAT. As the data is resent from the Base Station, it could potentially bypass any IP-based restrictions for the service. This issue is addressed by not rewriting inbound PORT commands via the ALG. Credit to Sabahattin Gucukoglu for reporting this issue. This issue is addressed through improved validation of fragmented ISAKMP packets.
CVE-ID: CVE-2010-1804 Available for: AirPort Extreme Base Station with 802.11n, AirPort Express Base Station with 802.11n, Time Capsule Impact: A remote attacker may cause the device to stop processing network traffic Description: An implementation issue exists in the network bridge. Sending a maliciously crafted DHCP reply to the device may cause it to stop responding to network traffic. This issue affects devices that have been configured to act as a bridge, or are configured in Network Address Translation (NAT) mode with a default host enabled. By default, the device operates in NAT mode, and no default host is configured. This update addresses the issue through improved handling of DHCP packets on the network bridge. Credit to Stefan R. Filipek for reporting this issue.
Installation note for Firmware version 7.5.2
Firmware version 7.5.2 is installed into Time Capsule or AirPort Base Station with 802.11n via AirPort Utility, provided with the device.
It is recommended that AirPort Utility 5.5.2 be installed before upgrading to Firmware version 7.5.2.
AirPort Utility 5.5.2 may be obtained through Apple's Software Download site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin)
iQEcBAEBAgAGBQJNCWXyAAoJEGnF2JsdZQeevTQH/0856gTUzzmL371/nSkhn3qq MCPQVaEMe8O/jy96nlskwzp3X0X0QmXePok1enp6QhDhHm0YL3a4q7YHd4zjm6mM JUoVR4JJRSKOb1bVdEXqo+qG/PH7/5ywfrGas+MjOshMa3gnhYVee39N7Xtz0pHD 3ZllZRwGwad1sQLL7DhJKZ92z6t2GfHoJyK4LZNemkQAL1HyUu7Hj9SlljcVB+Ub xNnpmBXJcCZzp4nRQM+fbLf6bdZ1ua5DTc1pXC8vETtxyHc53G/vLCu8SKBnTBlK JmkpGwG5fXNuYLL8ArFUuEu3zhE7kfdeftUrEez3YeL2DgU9iB8m8RkuuSrVJEY= =WPH8 -----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200905-03
http://security.gentoo.org/
Severity: Normal Title: IPSec Tools: Denial of Service Date: May 24, 2009 Bugs: #267135 ID: 200905-03
Synopsis
Multiple errors in the IPSec Tools racoon daemon might allow remote attackers to cause a Denial of Service.
Background
The IPSec Tools are a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation. They include racoon, an Internet Key Exchange daemon for automatically keying IPsec connections.
- Multiple memory leaks exist in (1) the eay_check_x509sign() function in racoon/crypto_openssl.c and (2) racoon/nattraversal.c (CVE-2009-1632).
Workaround
There is no known workaround at this time.
Resolution
All IPSec Tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-firewall/ipsec-tools-0.7.2"
References
[ 1 ] CVE-2009-1574 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574 [ 2 ] CVE-2009-1632 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
http://security.gentoo.org/glsa/glsa-200905-03.xml
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at http://bugs.gentoo.org.
License
Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Debian Security Advisory DSA-1804-1 security@debian.org http://www.debian.org/security/ Nico Golde May 20th, 2009 http://www.debian.org/security/faq
Package : ipsec-tools Vulnerability : null pointer dereference, memory leaks Problem type : remote Debian-specific: no Debian bug : 527634 528933 CVE ID : CVE-2009-1574 CVE-2009-1632
Several remote vulnerabilities have been discovered in racoon, the Internet Key Exchange daemon of ipsec-tools. This results in the daemon crashing which can be used for denial of service attacks (CVE-2009-1574).
Various memory leaks in the X.509 certificate authentication handling and the NAT-Traversal keepalive implementation can result in memory exhaustion and thus denial of service (CVE-2009-1632).
For the oldstable distribution (etch), this problem has been fixed in version 0.6.6-3.1etch3.
For the stable distribution (lenny), this problem has been fixed in version 0.7.1-1.3+lenny2.
For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in version 1:0.7.1-1.5.
We recommend that you upgrade your ipsec-tools packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Debian (oldstable)
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.dsc Size/MD5 checksum: 722 8b561cf84ac9c46ec07b037ce3ad06f1 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.diff.gz Size/MD5 checksum: 49875 7444fb4ad448ccfffe878801a2b88d2e
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_amd64.deb Size/MD5 checksum: 343790 9cee9f8c479a3a2952d2913d7bdc4c5d http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_amd64.deb Size/MD5 checksum: 89184 5ccd4554eec28da6d933dc20a8a39393
arm architecture (ARM)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_arm.deb Size/MD5 checksum: 325706 9ce7988b74bccee252be7dac7ac8b5f7 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_arm.deb Size/MD5 checksum: 89748 513ded0e4a33200710444e1bf4ab67d8
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_hppa.deb Size/MD5 checksum: 353066 c56644b426ae945ca420d4ca37fc3f2a http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_hppa.deb Size/MD5 checksum: 94092 80b46b6fd60e857c84c588432b098957
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_i386.deb Size/MD5 checksum: 330258 b905d30958bd5c51d355f286f81b8be1 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_i386.deb Size/MD5 checksum: 85046 294ccbc4b51e4942edaeec7cd746dfa3
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_ia64.deb Size/MD5 checksum: 113356 111f0daa2075584c100efc9c11ecef73 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_ia64.deb Size/MD5 checksum: 468296 bd4d69b5e0d4ee39ec564e1304f7649c
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mips.deb Size/MD5 checksum: 89018 b6af57d65d43a7433132bee9657ba608 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mips.deb Size/MD5 checksum: 344558 aba2d85d5196c2a46555ad9e478d338a
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mipsel.deb Size/MD5 checksum: 346856 97e04d97bdd55f852392d7461bad7f4d http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mipsel.deb Size/MD5 checksum: 90308 9e780cda3df3384d0f1e33637d003f21
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_powerpc.deb Size/MD5 checksum: 91048 98174626d8ad1fba940c81001c337a4f http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_powerpc.deb Size/MD5 checksum: 337266 9f636e6d8904103b0096a4eed99e9cae
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_s390.deb Size/MD5 checksum: 341586 b42ddbad323dcdbd775d502f786ab449 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_s390.deb Size/MD5 checksum: 90750 62d4c3e618a6c69d532b8d8d33bb27b9
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_sparc.deb Size/MD5 checksum: 85710 9f1f526be4f2df4eb64d46023d87c6b3 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_sparc.deb Size/MD5 checksum: 317136 38e50e9d97b46b51d12429b9ea727858
Debian GNU/Linux 5.0 alias lenny
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.diff.gz Size/MD5 checksum: 49472 4bc8ba2bd520a7514f2c33021c64e8ce http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1.orig.tar.gz Size/MD5 checksum: 1039057 ddff5ec5a06b804ca23dc41268368853 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.dsc Size/MD5 checksum: 1144 46d3f28156ee183512a451588ef414e4
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_alpha.deb Size/MD5 checksum: 428532 052c13540da3fab19fdca83e9a389a39 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_alpha.deb Size/MD5 checksum: 114088 78065dd99d3732291e8d499383af17d9
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_amd64.deb Size/MD5 checksum: 409514 a421f12270f5b22639d67be8d2cc8b4e http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_amd64.deb Size/MD5 checksum: 104612 9ec93c697cf64232728d0dd5658efac8
arm architecture (ARM)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_arm.deb Size/MD5 checksum: 104604 78fa45a7e0503e4ee87e7508294cb0b0 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_arm.deb Size/MD5 checksum: 381692 f1943edf9599189d16a2f936fa971abc
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_armel.deb Size/MD5 checksum: 387510 63ebe895d019d2362a0a11a0de0842c6 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_armel.deb Size/MD5 checksum: 104268 6c224349c910ffce5bb892f2a06dc243
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_i386.deb Size/MD5 checksum: 375004 5a43cbb6106d576ab686e9e4eb78c245 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_i386.deb Size/MD5 checksum: 99098 6c81df8c4653265f10ad6abf68091329
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_ia64.deb Size/MD5 checksum: 131288 dfa8646655028ae53bddad7f41e9f3a4 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_ia64.deb Size/MD5 checksum: 544150 8e274b6b73125efe0fa8392398e0c5ea
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mips.deb Size/MD5 checksum: 103502 5bd00dfdef0862a63bb666ed949e26ef http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mips.deb Size/MD5 checksum: 388820 46fc10315192943b912126fe68ffeea9
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mipsel.deb Size/MD5 checksum: 104216 a271cb33c891084479ed441945672f14 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mipsel.deb Size/MD5 checksum: 390562 352f78906e08ddb861053dfed30640bf
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_powerpc.deb Size/MD5 checksum: 403162 0210fa37088d78ee9aa53395aa0148e8 http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_powerpc.deb Size/MD5 checksum: 109438 26f043be5fb248d33b605d1987fa472a
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_s390.deb Size/MD5 checksum: 107474 aa6203b0e9e6dacbe39520be6b849eea http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_s390.deb Size/MD5 checksum: 399386 e965abdcf32838fff7753e789e703205
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_sparc.deb Size/MD5 checksum: 102486 57b2e115a15e08518f00158c1fe36cf2 http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_sparc.deb Size/MD5 checksum: 373916 7e2278ac7b4f0b352814ad2f55b1213a
These files will probably be moved into the stable distribution on its next update.
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show
iEYEARECAAYFAkoUDnMACgkQHYflSXNkfP8LtgCdF9LmW/TOn9JDPTVGlt+7dccI 3MYAoJVcwmqHztsGgCgBps9hyqzrQJ5l =84V/ -----END PGP SIGNATURE----- .
Updated packages are available that brings ipsec-tools to version 0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous bugfixes over the previous 0.7.1 version, and also corrects this issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been patched to address this issue.
Additionally the flex package required for building ipsec-tools has been fixed due to ipsec-tools build problems and is also available with this update.
Update:
Packages for 2008.0 are being provided due to extended support for Corporate products.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574
Updated Packages:
Mandriva Linux 2008.0: 8256debb7fe84394de70499907060de6 2008.0/i586/flex-2.5.33-2.1mdv2008.0.i586.rpm c03c0f9fe8f564ea777b82789ac95f41 2008.0/i586/ipsec-tools-0.7.2-0.1mdv2008.0.i586.rpm 9da2195c693a7fe40f7afb3c5806aaca 2008.0/i586/libipsec0-0.7.2-0.1mdv2008.0.i586.rpm 29dcc9414a59cba30ce801b9fef416a6 2008.0/i586/libipsec-devel-0.7.2-0.1mdv2008.0.i586.rpm b3ceeee8a3a36388d02426b77a45d862 2008.0/SRPMS/flex-2.5.33-2.1mdv2008.0.src.rpm b0cb7993f29eac3d5f170c7cd3cf0cb5 2008.0/SRPMS/ipsec-tools-0.7.2-0.1mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 36c5d0eb92197c814b90c814d21d3372 2008.0/x86_64/flex-2.5.33-2.1mdv2008.0.x86_64.rpm 7a976c988badcb9fae93509acfe99aa2 2008.0/x86_64/ipsec-tools-0.7.2-0.1mdv2008.0.x86_64.rpm 85b8ed6e328b048c13eb503bfee8dcdc 2008.0/x86_64/lib64ipsec0-0.7.2-0.1mdv2008.0.x86_64.rpm a22f34f1cfac38c9029eb032e3257285 2008.0/x86_64/lib64ipsec-devel-0.7.2-0.1mdv2008.0.x86_64.rpm b3ceeee8a3a36388d02426b77a45d862 2008.0/SRPMS/flex-2.5.33-2.1mdv2008.0.src.rpm b0cb7993f29eac3d5f170c7cd3cf0cb5 2008.0/SRPMS/ipsec-tools-0.7.2-0.1mdv2008.0.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. =========================================================== Ubuntu Security Notice USN-785-1 June 09, 2009 ipsec-tools vulnerabilities CVE-2009-1574, CVE-2009-1632 ===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS Ubuntu 8.04 LTS Ubuntu 8.10 Ubuntu 9.04
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: racoon 1:0.6.5-4ubuntu1.3
Ubuntu 8.04 LTS: racoon 1:0.6.7-1.1ubuntu1.2
Ubuntu 8.10: racoon 1:0.7-2.1ubuntu1.8.10.1
Ubuntu 9.04: racoon 1:0.7-2.1ubuntu1.9.04.1
In general, a standard system upgrade is sufficient to effect the necessary changes. (CVE-2009-1574)
It was discovered that ipsec-tools did not properly handle memory usage when verifying certificate signatures or processing nat-traversal keep-alive messages
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200905-0196",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.3.3"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.3.2"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.3.1"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.3"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.2.4"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.2.3"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.2.2"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.2.1"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.2"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.9,
"vendor": "ipsec tools",
"version": "0.1"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.3,
"vendor": "ipsec tools",
"version": "0.6.6"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.3,
"vendor": "ipsec tools",
"version": "0.6.3"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.3,
"vendor": "ipsec tools",
"version": "0.6.2"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.3,
"vendor": "ipsec tools",
"version": "0.6.1"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.3,
"vendor": "ipsec tools",
"version": "0.5"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.3,
"vendor": "ipsec tools",
"version": "0.7"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.0,
"vendor": "ipsec tools",
"version": "0.4"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.0,
"vendor": "ipsec tools",
"version": "0.6.5"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 1.0,
"vendor": "ipsec tools",
"version": "0.6.4"
},
{
"model": "ipsec-tools",
"scope": "lte",
"trust": 1.0,
"vendor": "ipsec tools",
"version": "0.7.1"
},
{
"model": "ipsec-tools",
"scope": "lt",
"trust": 0.8,
"vendor": "ipsec tools",
"version": "0.7.2"
},
{
"model": "airmac express",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "base station (802.11n)"
},
{
"model": "airmac extreme",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "base station (802.11n)"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.5.8"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.6.1"
},
{
"model": "time capsule",
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86)"
},
{
"model": "asianux server",
"scope": "eq",
"trust": 0.8,
"vendor": "cybertrust",
"version": "3 (x86-64)"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5 (server)"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.0 (client)"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "5.3.z (server)"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11"
},
{
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise server sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sp2 debuginfo",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "linux enterprise sp1 debuginfo",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10.3"
},
{
"model": "suse linux enterprise server rt solution",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "100"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.1"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "s u s e",
"version": "11.0"
},
{
"model": "hat fedora",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "9"
},
{
"model": "hat fedora",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "10"
},
{
"model": "hat enterprise linux eus 5.3.z server",
"scope": null,
"trust": 0.3,
"vendor": "red",
"version": null
},
{
"model": "hat enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.1"
},
{
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.7.1"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.6.7"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.6"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.5.2"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.5.1"
},
{
"model": "ipsec-tools rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.4"
},
{
"model": "ipsec-tools rc5",
"scope": "eq",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.3"
},
{
"model": "ipsec-tools rc4",
"scope": "eq",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.3"
},
{
"model": "ipsec-tools rc3",
"scope": "eq",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.3"
},
{
"model": "ipsec-tools rc2",
"scope": "eq",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.3"
},
{
"model": "ipsec-tools rc1",
"scope": "eq",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.3"
},
{
"model": "ipsec-tools",
"scope": "eq",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.2.5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"model": "time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.5"
},
{
"model": "time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.4.2"
},
{
"model": "time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.4.1"
},
{
"model": "time capsule",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mac os server",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.11"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.10"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.9"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.8"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.7"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.5"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.4"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.2"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3.1"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.3"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6"
},
{
"model": "mac os",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "x10.5"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.4.2"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.3.1"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.2.1"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.7"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "5.5"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.5"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.1"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.0"
},
{
"model": "airport extreme base station with 802.11n",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.4.1"
},
{
"model": "airport extreme base station",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "airport extreme",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.3"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "6.1"
},
{
"model": "airport express base station with 802.11n",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "7.4.1"
},
{
"model": "airport express",
"scope": "eq",
"trust": 0.3,
"vendor": "apple",
"version": "0"
},
{
"model": "ipsec-tools",
"scope": "ne",
"trust": 0.3,
"vendor": "ipsec tools",
"version": "0.7.2"
},
{
"model": "time capsule",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.5.2"
},
{
"model": "mac os server",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "mac os",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "x10.6.2"
},
{
"model": "airport extreme base station with 802.11n",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.5.2"
},
{
"model": "airport express base station with 802.11n",
"scope": "ne",
"trust": 0.3,
"vendor": "apple",
"version": "7.5.2"
}
],
"sources": [
{
"db": "BID",
"id": "34765"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001540"
},
{
"db": "CNNVD",
"id": "CNNVD-200905-078"
},
{
"db": "NVD",
"id": "CVE-2009-1574"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.4:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.3:rc4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.2.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.3:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.3:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.3.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.6.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.3:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.3:rc5:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.2.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ipsec-tools:ipsec-tools:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "0.7.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1574"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Neil Kettle, stephen.bevan, and the vendor.",
"sources": [
{
"db": "BID",
"id": "34765"
},
{
"db": "CNNVD",
"id": "CNNVD-200905-078"
}
],
"trust": 0.9
},
"cve": "CVE-2009-1574",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2009-1574",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-1574",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200905-078",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2009-1574",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-1574"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001540"
},
{
"db": "CNNVD",
"id": "CNNVD-200905-078"
},
{
"db": "NVD",
"id": "CVE-2009-1574"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference. Ipsec-tools of racoon/isakmp_frag.c Has a deficiency in handling fragmented packets with no payload, resulting in denial of service (DoS) There is a vulnerability that becomes a condition.Service operation disruption to a third party (DoS) There is a possibility of being put into a state. IPsec-Tools is affected by multiple remote denial-of-service vulnerabilities because the software fails to properly handle certain network packets. \nVersions prior to IPsec-Tools 0.7.2 are vulnerable. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2010-12-16-1 Time Capsule and AirPort Base Station\n(802.11n) Firmware 7.5.2\n\nTime Capsule and AirPort Base Station (802.11n) Firmware 7.5.2 is\nnow available and addresses the following:\n\nCVE-ID: CVE-2008-4309\nAvailable for: AirPort Extreme Base Station with 802.11n,\nAirPort Express Base Station with 802.11n, Time Capsule\nImpact: A remote attacker may terminate the operation of the SNMP\nservice\nDescription: An integer overflow exists in the\nnetsnmp_create_subtree_cache function. By default, the\n\u0027WAN SNMP\u0027 configuration option is disabled, and the SNMP service is\naccessible only to other devices on the local network. This issue is\naddressed by applying the Net-SNMP patches. \n\nCVE-ID: CVE-2009-2189\nAvailable for: AirPort Extreme Base Station with 802.11n,\nAirPort Express Base Station with 802.11n, Time Capsule\nImpact: Receiving a large number of IPv6 Router Advertisement (RA)\nand Neighbor Discovery (ND) packets from a system on the local\nnetwork may cause the base station to restart\nDescription: A resource consumption issue exists in the base\nstation\u0027s handling of Router Advertisement (RA) and Neighbor\nDiscovery (ND) packets. A system on the local network may send a\nlarge number of RA and ND packets that could exhaust the base\nstation\u0027s resources, causing it to restart unexpectedly. This issue\nis addressed by rate limiting incoming ICMPv6 packets. Credit to\nShoichi Sakane of the KAME project, Kanai Akira of Internet Multifeed\nCo., Shirahata Shin and Rodney Van Meter of Keio University, and\nTatuya Jinmei of Internet Systems Consortium, Inc. for reporting this\nissue. \n\nCVE-ID: CVE-2010-0039\nAvailable for: AirPort Extreme Base Station with 802.11n,\nAirPort Express Base Station with 802.11n, Time Capsule\nImpact: An attacker may be able to query services behind an AirPort\nBase Station or Time Capsule\u0027s NAT from the source IP of the router,\nif any system behind the NAT has a portmapped FTP server\nDescription: The AirPort Extreme Base Station and Time Capsule\u0027s\nApplication-Level Gateway (ALG) rewrites incoming FTP traffic,\nincluding PORT commands, to appear as if it is the source. An\nattacker with write access to an FTP server inside the NAT may issue\na malicious PORT command, causing the ALG to send attacker-supplied\ndata to an IP and port behind the NAT. As the data is resent from the\nBase Station, it could potentially bypass any IP-based restrictions\nfor the service. This issue is addressed by not rewriting inbound\nPORT commands via the ALG. Credit to Sabahattin Gucukoglu for\nreporting this issue. This issue is addressed\nthrough improved validation of fragmented ISAKMP packets. \n\nCVE-ID: CVE-2010-1804\nAvailable for: AirPort Extreme Base Station with 802.11n,\nAirPort Express Base Station with 802.11n, Time Capsule\nImpact: A remote attacker may cause the device to stop processing\nnetwork traffic\nDescription: An implementation issue exists in the network bridge. \nSending a maliciously crafted DHCP reply to the device may cause it\nto stop responding to network traffic. This issue affects devices\nthat have been configured to act as a bridge, or are configured in\nNetwork Address Translation (NAT) mode with a default host enabled. \nBy default, the device operates in NAT mode, and no default host is\nconfigured. This update addresses the issue through improved handling\nof DHCP packets on the network bridge. Credit to Stefan R. Filipek\nfor reporting this issue. \n\n\nInstallation note for Firmware version 7.5.2\n\nFirmware version 7.5.2 is installed into Time Capsule or AirPort Base\nStation with 802.11n via AirPort Utility, provided with the device. \n\nIt is recommended that AirPort Utility 5.5.2 be installed before\nupgrading to Firmware version 7.5.2. \n\nAirPort Utility 5.5.2 may be obtained through Apple\u0027s Software\nDownload site: http://www.apple.com/support/downloads/\n\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v2.0.9 (Darwin)\n\niQEcBAEBAgAGBQJNCWXyAAoJEGnF2JsdZQeevTQH/0856gTUzzmL371/nSkhn3qq\nMCPQVaEMe8O/jy96nlskwzp3X0X0QmXePok1enp6QhDhHm0YL3a4q7YHd4zjm6mM\nJUoVR4JJRSKOb1bVdEXqo+qG/PH7/5ywfrGas+MjOshMa3gnhYVee39N7Xtz0pHD\n3ZllZRwGwad1sQLL7DhJKZ92z6t2GfHoJyK4LZNemkQAL1HyUu7Hj9SlljcVB+Ub\nxNnpmBXJcCZzp4nRQM+fbLf6bdZ1ua5DTc1pXC8vETtxyHc53G/vLCu8SKBnTBlK\nJmkpGwG5fXNuYLL8ArFUuEu3zhE7kfdeftUrEez3YeL2DgU9iB8m8RkuuSrVJEY=\n=WPH8\n-----END PGP SIGNATURE-----\n\n\n. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 200905-03\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: IPSec Tools: Denial of Service\n Date: May 24, 2009\n Bugs: #267135\n ID: 200905-03\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple errors in the IPSec Tools racoon daemon might allow remote\nattackers to cause a Denial of Service. \n\nBackground\n==========\n\nThe IPSec Tools are a port of KAME\u0027s IPsec utilities to the Linux-2.6\nIPsec implementation. They include racoon, an Internet Key Exchange\ndaemon for automatically keying IPsec connections. \n\n* Multiple memory leaks exist in (1) the eay_check_x509sign()\n function in racoon/crypto_openssl.c and (2) racoon/nattraversal.c\n (CVE-2009-1632). \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll IPSec Tools users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-firewall/ipsec-tools-0.7.2\"\n\nReferences\n==========\n\n [ 1 ] CVE-2009-1574\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574\n [ 2 ] CVE-2009-1632\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1632\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-200905-03.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttp://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2009 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- --------------------------------------------------------------------------\nDebian Security Advisory DSA-1804-1 security@debian.org\nhttp://www.debian.org/security/ Nico Golde\nMay 20th, 2009 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : ipsec-tools\nVulnerability : null pointer dereference, memory leaks\nProblem type : remote\nDebian-specific: no\nDebian bug : 527634 528933\nCVE ID : CVE-2009-1574 CVE-2009-1632\n\nSeveral remote vulnerabilities have been discovered in racoon, the Internet Key\nExchange daemon of ipsec-tools. This results in the daemon crashing which can be used\nfor denial of service attacks (CVE-2009-1574). \n\nVarious memory leaks in the X.509 certificate authentication handling and the\nNAT-Traversal keepalive implementation can result in memory exhaustion and\nthus denial of service (CVE-2009-1632). \n\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 0.6.6-3.1etch3. \n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 0.7.1-1.3+lenny2. \n\nFor the testing distribution (squeeze), this problem will be fixed soon. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1:0.7.1-1.5. \n\n\nWe recommend that you upgrade your ipsec-tools packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.dsc\n Size/MD5 checksum: 722 8b561cf84ac9c46ec07b037ce3ad06f1\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.diff.gz\n Size/MD5 checksum: 49875 7444fb4ad448ccfffe878801a2b88d2e\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_amd64.deb\n Size/MD5 checksum: 343790 9cee9f8c479a3a2952d2913d7bdc4c5d\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_amd64.deb\n Size/MD5 checksum: 89184 5ccd4554eec28da6d933dc20a8a39393\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_arm.deb\n Size/MD5 checksum: 325706 9ce7988b74bccee252be7dac7ac8b5f7\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_arm.deb\n Size/MD5 checksum: 89748 513ded0e4a33200710444e1bf4ab67d8\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_hppa.deb\n Size/MD5 checksum: 353066 c56644b426ae945ca420d4ca37fc3f2a\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_hppa.deb\n Size/MD5 checksum: 94092 80b46b6fd60e857c84c588432b098957\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_i386.deb\n Size/MD5 checksum: 330258 b905d30958bd5c51d355f286f81b8be1\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_i386.deb\n Size/MD5 checksum: 85046 294ccbc4b51e4942edaeec7cd746dfa3\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_ia64.deb\n Size/MD5 checksum: 113356 111f0daa2075584c100efc9c11ecef73\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_ia64.deb\n Size/MD5 checksum: 468296 bd4d69b5e0d4ee39ec564e1304f7649c\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mips.deb\n Size/MD5 checksum: 89018 b6af57d65d43a7433132bee9657ba608\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mips.deb\n Size/MD5 checksum: 344558 aba2d85d5196c2a46555ad9e478d338a\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mipsel.deb\n Size/MD5 checksum: 346856 97e04d97bdd55f852392d7461bad7f4d\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mipsel.deb\n Size/MD5 checksum: 90308 9e780cda3df3384d0f1e33637d003f21\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_powerpc.deb\n Size/MD5 checksum: 91048 98174626d8ad1fba940c81001c337a4f\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_powerpc.deb\n Size/MD5 checksum: 337266 9f636e6d8904103b0096a4eed99e9cae\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_s390.deb\n Size/MD5 checksum: 341586 b42ddbad323dcdbd775d502f786ab449\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_s390.deb\n Size/MD5 checksum: 90750 62d4c3e618a6c69d532b8d8d33bb27b9\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_sparc.deb\n Size/MD5 checksum: 85710 9f1f526be4f2df4eb64d46023d87c6b3\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_sparc.deb\n Size/MD5 checksum: 317136 38e50e9d97b46b51d12429b9ea727858\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.diff.gz\n Size/MD5 checksum: 49472 4bc8ba2bd520a7514f2c33021c64e8ce\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1.orig.tar.gz\n Size/MD5 checksum: 1039057 ddff5ec5a06b804ca23dc41268368853\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.dsc\n Size/MD5 checksum: 1144 46d3f28156ee183512a451588ef414e4\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_alpha.deb\n Size/MD5 checksum: 428532 052c13540da3fab19fdca83e9a389a39\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_alpha.deb\n Size/MD5 checksum: 114088 78065dd99d3732291e8d499383af17d9\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_amd64.deb\n Size/MD5 checksum: 409514 a421f12270f5b22639d67be8d2cc8b4e\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_amd64.deb\n Size/MD5 checksum: 104612 9ec93c697cf64232728d0dd5658efac8\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_arm.deb\n Size/MD5 checksum: 104604 78fa45a7e0503e4ee87e7508294cb0b0\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_arm.deb\n Size/MD5 checksum: 381692 f1943edf9599189d16a2f936fa971abc\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_armel.deb\n Size/MD5 checksum: 387510 63ebe895d019d2362a0a11a0de0842c6\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_armel.deb\n Size/MD5 checksum: 104268 6c224349c910ffce5bb892f2a06dc243\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_i386.deb\n Size/MD5 checksum: 375004 5a43cbb6106d576ab686e9e4eb78c245\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_i386.deb\n Size/MD5 checksum: 99098 6c81df8c4653265f10ad6abf68091329\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_ia64.deb\n Size/MD5 checksum: 131288 dfa8646655028ae53bddad7f41e9f3a4\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_ia64.deb\n Size/MD5 checksum: 544150 8e274b6b73125efe0fa8392398e0c5ea\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mips.deb\n Size/MD5 checksum: 103502 5bd00dfdef0862a63bb666ed949e26ef\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mips.deb\n Size/MD5 checksum: 388820 46fc10315192943b912126fe68ffeea9\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mipsel.deb\n Size/MD5 checksum: 104216 a271cb33c891084479ed441945672f14\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mipsel.deb\n Size/MD5 checksum: 390562 352f78906e08ddb861053dfed30640bf\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_powerpc.deb\n Size/MD5 checksum: 403162 0210fa37088d78ee9aa53395aa0148e8\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_powerpc.deb\n Size/MD5 checksum: 109438 26f043be5fb248d33b605d1987fa472a\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_s390.deb\n Size/MD5 checksum: 107474 aa6203b0e9e6dacbe39520be6b849eea\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_s390.deb\n Size/MD5 checksum: 399386 e965abdcf32838fff7753e789e703205\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_sparc.deb\n Size/MD5 checksum: 102486 57b2e115a15e08518f00158c1fe36cf2\n http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_sparc.deb\n Size/MD5 checksum: 373916 7e2278ac7b4f0b352814ad2f55b1213a\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show \u003cpkg\u003e\u0027 and http://packages.debian.org/\u003cpkg\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkoUDnMACgkQHYflSXNkfP8LtgCdF9LmW/TOn9JDPTVGlt+7dccI\n3MYAoJVcwmqHztsGgCgBps9hyqzrQJ5l\n=84V/\n-----END PGP SIGNATURE-----\n. \n \n Updated packages are available that brings ipsec-tools to version\n 0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous\n bugfixes over the previous 0.7.1 version, and also corrects this\n issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been\n patched to address this issue. \n \n Additionally the flex package required for building ipsec-tools has\n been fixed due to ipsec-tools build problems and is also available\n with this update. \n\n Update:\n\n Packages for 2008.0 are being provided due to extended support for\n Corporate products. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1574\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 8256debb7fe84394de70499907060de6 2008.0/i586/flex-2.5.33-2.1mdv2008.0.i586.rpm\n c03c0f9fe8f564ea777b82789ac95f41 2008.0/i586/ipsec-tools-0.7.2-0.1mdv2008.0.i586.rpm\n 9da2195c693a7fe40f7afb3c5806aaca 2008.0/i586/libipsec0-0.7.2-0.1mdv2008.0.i586.rpm\n 29dcc9414a59cba30ce801b9fef416a6 2008.0/i586/libipsec-devel-0.7.2-0.1mdv2008.0.i586.rpm \n b3ceeee8a3a36388d02426b77a45d862 2008.0/SRPMS/flex-2.5.33-2.1mdv2008.0.src.rpm\n b0cb7993f29eac3d5f170c7cd3cf0cb5 2008.0/SRPMS/ipsec-tools-0.7.2-0.1mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 36c5d0eb92197c814b90c814d21d3372 2008.0/x86_64/flex-2.5.33-2.1mdv2008.0.x86_64.rpm\n 7a976c988badcb9fae93509acfe99aa2 2008.0/x86_64/ipsec-tools-0.7.2-0.1mdv2008.0.x86_64.rpm\n 85b8ed6e328b048c13eb503bfee8dcdc 2008.0/x86_64/lib64ipsec0-0.7.2-0.1mdv2008.0.x86_64.rpm\n a22f34f1cfac38c9029eb032e3257285 2008.0/x86_64/lib64ipsec-devel-0.7.2-0.1mdv2008.0.x86_64.rpm \n b3ceeee8a3a36388d02426b77a45d862 2008.0/SRPMS/flex-2.5.33-2.1mdv2008.0.src.rpm\n b0cb7993f29eac3d5f170c7cd3cf0cb5 2008.0/SRPMS/ipsec-tools-0.7.2-0.1mdv2008.0.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. ===========================================================\nUbuntu Security Notice USN-785-1 June 09, 2009\nipsec-tools vulnerabilities\nCVE-2009-1574, CVE-2009-1632\n===========================================================\n\nA security issue affects the following Ubuntu releases:\n\nUbuntu 6.06 LTS\nUbuntu 8.04 LTS\nUbuntu 8.10\nUbuntu 9.04\n\nThis advisory also applies to the corresponding versions of\nKubuntu, Edubuntu, and Xubuntu. \n\nThe problem can be corrected by upgrading your system to the\nfollowing package versions:\n\nUbuntu 6.06 LTS:\n racoon 1:0.6.5-4ubuntu1.3\n\nUbuntu 8.04 LTS:\n racoon 1:0.6.7-1.1ubuntu1.2\n\nUbuntu 8.10:\n racoon 1:0.7-2.1ubuntu1.8.10.1\n\nUbuntu 9.04:\n racoon 1:0.7-2.1ubuntu1.9.04.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes. (CVE-2009-1574)\n\nIt was discovered that ipsec-tools did not properly handle memory usage\nwhen verifying certificate signatures or processing nat-traversal\nkeep-alive messages",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1574"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001540"
},
{
"db": "BID",
"id": "34765"
},
{
"db": "VULMON",
"id": "CVE-2009-1574"
},
{
"db": "PACKETSTORM",
"id": "96766"
},
{
"db": "PACKETSTORM",
"id": "77778"
},
{
"db": "PACKETSTORM",
"id": "77702"
},
{
"db": "PACKETSTORM",
"id": "83402"
},
{
"db": "PACKETSTORM",
"id": "77498"
},
{
"db": "PACKETSTORM",
"id": "78176"
}
],
"trust": 2.52
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=8669",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-1574"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-1574",
"trust": 3.4
},
{
"db": "BID",
"id": "34765",
"trust": 2.8
},
{
"db": "SECUNIA",
"id": "35159",
"trust": 2.5
},
{
"db": "SECUNIA",
"id": "35404",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "35685",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "35113",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "35153",
"trust": 1.7
},
{
"db": "SECUNIA",
"id": "35212",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2009/04/29/6",
"trust": 1.7
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2009/05/04/3",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2009-3184",
"trust": 1.7
},
{
"db": "XF",
"id": "50412",
"trust": 1.4
},
{
"db": "JUNIPER",
"id": "JSA10705",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001540",
"trust": 0.8
},
{
"db": "MLIST",
"id": "[OSS-SECURITY] 20090504 RE: IPSEC-TOOLS 0.7.2",
"trust": 0.6
},
{
"db": "MLIST",
"id": "[OSS-SECURITY] 20090429 IPSEC-TOOLS 0.7.2",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2009-4394",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2009-4298",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2009-4291",
"trust": 0.6
},
{
"db": "APPLE",
"id": "APPLE-SA-2009-11-09-1",
"trust": 0.6
},
{
"db": "UBUNTU",
"id": "USN-785-1",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1804",
"trust": 0.6
},
{
"db": "MANDRIVA",
"id": "MDVSA-2009:112",
"trust": 0.6
},
{
"db": "SUSE",
"id": "SUSE-SR:2009:012",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2009:1036",
"trust": 0.6
},
{
"db": "GENTOO",
"id": "GLSA-200905-03",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200905-078",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "8669",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2009-1574",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "96766",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "77778",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "77702",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83402",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "77498",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "78176",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-1574"
},
{
"db": "BID",
"id": "34765"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001540"
},
{
"db": "PACKETSTORM",
"id": "96766"
},
{
"db": "PACKETSTORM",
"id": "77778"
},
{
"db": "PACKETSTORM",
"id": "77702"
},
{
"db": "PACKETSTORM",
"id": "83402"
},
{
"db": "PACKETSTORM",
"id": "77498"
},
{
"db": "PACKETSTORM",
"id": "78176"
},
{
"db": "CNNVD",
"id": "CNNVD-200905-078"
},
{
"db": "NVD",
"id": "CVE-2009-1574"
}
]
},
"id": "VAR-200905-0196",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.39272551
},
"last_update_date": "2024-07-23T21:53:12.318000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "HT3937",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3937"
},
{
"title": "HT4298",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4298"
},
{
"title": "HT3937",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht3937?viewlocale=ja_jp"
},
{
"title": "HT4298",
"trust": 0.8,
"url": "http://support.apple.com/kb/ht4298?viewlocale=ja_jp"
},
{
"title": "ipsec-tools-0.6.5-13AXS3.1",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=783"
},
{
"title": "ipsec-tools-0.6.5-8.2AXS3",
"trust": 0.8,
"url": "https://tsn.miraclelinux.com/tsn_local/index.php?m=errata\u0026a=detail\u0026eid=443"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://ipsec-tools.sourceforge.net/"
},
{
"title": "RHSA-2009:1036",
"trust": 0.8,
"url": "https://rhn.redhat.com/errata/rhsa-2009-1036.html"
},
{
"title": "RHSA-2009:1036",
"trust": 0.8,
"url": "https://www.jp.redhat.com/support/errata/rhsa/rhsa-2009-1036j.html"
},
{
"title": "Red Hat: Important: ipsec-tools security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20091036 - security advisory"
},
{
"title": "Debian CVElist Bug Report Logs: ipsec-tools: CVE-2009-1574 remote denial of service",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=7a2f5c7415c2b82442d784c54a73a67d"
},
{
"title": "Ubuntu Security Notice: ipsec-tools vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-785-1"
},
{
"title": "Debian Security Advisories: DSA-1804-1 ipsec-tools -- null pointer dereference, memory leaks",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=0aee0799469477a479924d08d4b3c120"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-1574"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001540"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001540"
},
{
"db": "NVD",
"id": "CVE-2009-1574"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.securityfocus.com/bid/34765"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/35159"
},
{
"trust": 2.0,
"url": "http://sourceforge.net/project/shownotes.php?group_id=74601\u0026release_id=677611"
},
{
"trust": 1.8,
"url": "http://security.gentoo.org/glsa/glsa-200905-03.xml"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2009/04/29/6"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=497990"
},
{
"trust": 1.7,
"url": "http://www.openwall.com/lists/oss-security/2009/05/04/3"
},
{
"trust": 1.7,
"url": "http://www.mandriva.com/security/advisories?name=mdvsa-2009:112"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-may/msg00725.html"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2009/dsa-1804"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-may/msg00746.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35113"
},
{
"trust": 1.7,
"url": "http://www.redhat.com/support/errata/rhsa-2009-1036.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35153"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35212"
},
{
"trust": 1.7,
"url": "http://www.ubuntu.com/usn/usn-785-1"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-may/msg00789.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35404"
},
{
"trust": 1.7,
"url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/35685"
},
{
"trust": 1.7,
"url": "http://support.apple.com/kb/ht3937"
},
{
"trust": 1.7,
"url": "http://lists.apple.com/archives/security-announce/2009/nov/msg00000.html"
},
{
"trust": 1.7,
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/50412"
},
{
"trust": 1.1,
"url": "http://lists.apple.com/archives/security-announce/2010//dec/msg00001.html"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht4298"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10705"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/50412"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9624"
},
{
"trust": 1.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1574"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu545319"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-1574"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1574"
},
{
"trust": 0.3,
"url": "https://trac.ipsec-tools.net/ticket/303"
},
{
"trust": 0.3,
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/src/crypto/dist/ipsec-tools/src/racoon/isakmp_frag.c?f=h#rev1.4.6.1"
},
{
"trust": 0.3,
"url": "http://comments.gmane.org/gmane.comp.security.oss.general/1716"
},
{
"trust": 0.3,
"url": "http://ipsec-tools.sourceforge.net/"
},
{
"trust": 0.3,
"url": "http://xorl.wordpress.com/2009/05/04/ipsec-tools-null-pointer-dereference/"
},
{
"trust": 0.3,
"url": "https://rhn.redhat.com/errata/rhsa-2009-1036.html"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1632"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.2,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/errata/rhsa-2009:1036"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/785-1/"
},
{
"trust": 0.1,
"url": "https://www.exploit-db.com/exploits/8669/"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=20215"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4309"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2189"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-1804"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2010-0039"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "http://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "http://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1632"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.6.6-3.1etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.6.6-3.1etch3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_mips.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/racoon_0.7.1-1.3+lenny2_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/i/ipsec-tools/ipsec-tools_0.7.1-1.3+lenny2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.8.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.8.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.5-4ubuntu1.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_lpia.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.8.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.5-4ubuntu1.3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.8.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.5-4ubuntu1.3_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.6.5-4ubuntu1.3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.8.10.1_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.5-4ubuntu1.3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1.dsc"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/ipsec-tools_0.6.7-1.1ubuntu1.2_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.9.04.1.dsc"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.7-2.1ubuntu1.8.10.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/ipsec-tools_0.6.7.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.ubuntu.com/ubuntu/pool/main/i/ipsec-tools/racoon_0.7-2.1ubuntu1.9.04.1_amd64.deb"
},
{
"trust": 0.1,
"url": "http://ports.ubuntu.com/pool/main/i/ipsec-tools/racoon_0.6.7-1.1ubuntu1.2_powerpc.deb"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-1574"
},
{
"db": "BID",
"id": "34765"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001540"
},
{
"db": "PACKETSTORM",
"id": "96766"
},
{
"db": "PACKETSTORM",
"id": "77778"
},
{
"db": "PACKETSTORM",
"id": "77702"
},
{
"db": "PACKETSTORM",
"id": "83402"
},
{
"db": "PACKETSTORM",
"id": "77498"
},
{
"db": "PACKETSTORM",
"id": "78176"
},
{
"db": "CNNVD",
"id": "CNNVD-200905-078"
},
{
"db": "NVD",
"id": "CVE-2009-1574"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2009-1574"
},
{
"db": "BID",
"id": "34765"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-001540"
},
{
"db": "PACKETSTORM",
"id": "96766"
},
{
"db": "PACKETSTORM",
"id": "77778"
},
{
"db": "PACKETSTORM",
"id": "77702"
},
{
"db": "PACKETSTORM",
"id": "83402"
},
{
"db": "PACKETSTORM",
"id": "77498"
},
{
"db": "PACKETSTORM",
"id": "78176"
},
{
"db": "CNNVD",
"id": "CNNVD-200905-078"
},
{
"db": "NVD",
"id": "CVE-2009-1574"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-05-06T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1574"
},
{
"date": "2009-04-22T00:00:00",
"db": "BID",
"id": "34765"
},
{
"date": "2009-06-30T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001540"
},
{
"date": "2010-12-17T07:46:59",
"db": "PACKETSTORM",
"id": "96766"
},
{
"date": "2009-05-24T14:34:56",
"db": "PACKETSTORM",
"id": "77778"
},
{
"date": "2009-05-21T06:08:56",
"db": "PACKETSTORM",
"id": "77702"
},
{
"date": "2009-12-03T20:58:37",
"db": "PACKETSTORM",
"id": "83402"
},
{
"date": "2009-05-14T05:17:21",
"db": "PACKETSTORM",
"id": "77498"
},
{
"date": "2009-06-09T18:59:46",
"db": "PACKETSTORM",
"id": "78176"
},
{
"date": "2009-05-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200905-078"
},
{
"date": "2009-05-06T17:30:09.827000",
"db": "NVD",
"id": "CVE-2009-1574"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-09-29T00:00:00",
"db": "VULMON",
"id": "CVE-2009-1574"
},
{
"date": "2015-03-19T08:23:00",
"db": "BID",
"id": "34765"
},
{
"date": "2011-01-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-001540"
},
{
"date": "2009-06-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200905-078"
},
{
"date": "2017-09-29T01:34:26.497000",
"db": "NVD",
"id": "CVE-2009-1574"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "77778"
},
{
"db": "PACKETSTORM",
"id": "77702"
},
{
"db": "PACKETSTORM",
"id": "83402"
},
{
"db": "PACKETSTORM",
"id": "77498"
},
{
"db": "PACKETSTORM",
"id": "78176"
},
{
"db": "CNNVD",
"id": "CNNVD-200905-078"
}
],
"trust": 1.1
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ipsec-tools Service disruption in packet processing (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-001540"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200905-078"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.