FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
974a6d32-3fda-11e8-aea4-001b216d295bipsec-tools -- remotely exploitable computational-complexity attack

Robert Foggia via NetBSD GNATS reports:

The ipsec-tools racoon daemon contains a remotely exploitable computational complexity attack when parsing and storing isakmp fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending isakmp fragment packets in a particular order such that the worst-case computational complexity is realized in the algorithm utilized to determine if reassembly of the fragments can take place.


Discovery 2016-12-02
Entry 2018-04-14
ipsec-tools
< 0.8.2_3

https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=51682
CVE-2016-10396
35431f79-fe3e-11e4-ba63-000c292ee6b8ipsec-tools -- Memory leak leading to denial of service

Javantea reports:

It is a null dereference crash, leading to denial of service against the IKE daemon.


Discovery 2015-05-18
Entry 2015-05-19
ipsec-tools
< 0.8.2_1

https://www.altsci.com/ipsec/