CVE-2009-1574

Name of the Vulnerable Software and Affected Versions ipsec-tools versions 0.6.5 through 0.7.1 ipsec-tools version 0.7.2 is not affected, but all versions prior to 0.7.2 are vulnerable.

Description The issue is related to multiple vulnerabilities in the ipsec-tools package, which can lead to a disruption of protected information availability. These vulnerabilities can be exploited remotely. Specifically, in ipsec-tools before version 0.7.2, remote attackers can cause a denial of service (crash) via crafted fragmented packets without a payload, triggering a NULL pointer dereference in the racoon/isakmp frag.c file.

Recommendations For ipsec-tools versions 0.6.5 through 0.7.1, update to version 0.7.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the racoon/isakmp frag.c module to minimize the risk of exploitation.