PT-2008-1042 · Ipsec Tools+1 · Ipsec-Tools+1

Tomas Hoger · Published 2008-08-13 · Updated 2023-02-13 · CVE-2008-3651

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

ipsec-tools versions prior to 0.7.1
ipsec-tools version 0.3.3
ipsec-tools version 0.2.5

Description

Multiple vulnerabilities in the ipsec-tools package can disrupt the availability of protected information. These vulnerabilities can be exploited remotely. A memory leak in the racoon daemon's proposal.c file allows remote authenticated users to cause a denial of service via invalid proposals.

Recommendations

For ipsec-tools versions prior to 0.7.1, update to version 0.7.1 or later to resolve the issue.
For ipsec-tools version 0.3.3, update to version 0.7.1 or later to resolve the issue.
For ipsec-tools version 0.2.5, update to version 0.7.1 or later to resolve the issue.
As a temporary workaround, consider restricting access to the racoon daemon to minimize the risk of exploitation.

Fix

DoS

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2015-06100
BDU:2015-06101
BDU:2015-08447
BDU:2015-08448
BDU:2015-09354
CVE-2008-3651
RHSA-2008:0849
RHSA-2008_0849

Affected Products

Red Hat
Ipsec-Tools