PT-2008-1043 · Ipsec Tools+1 · Ipsec-Tools+1
Nico Golde · Published 2008-08-13 · Updated 2025-03-27 · CVE-2008-3652
CVSS v2.0: 7.8 (High)
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
ipsec-tools versions prior to 0.7.1
ipsec-tools version 0.3.3
ipsec-tools version 0.2.5
Description
The issue is related to multiple vulnerabilities in the ipsec-tools package that can disrupt the availability of protected information and can be exploited remotely. Specifically, in the src/racoon/handler.c file of racoon in ipsec-tools, an "orphaned ph1" (phase 1) handle is not removed when it was initiated remotely, which allows remote attackers to cause a denial of service through resource consumption.
Recommendations
For ipsec-tools versions prior to 0.7.1, update to version 0.7.1 or later.
For ipsec-tools version 0.3.3, update to a version later than 0.3.3.
For ipsec-tools version 0.2.5, update to a version later than 0.2.5.
As a temporary workaround, consider restricting access to the racoon handler to minimize the risk of exploitation.
Fix
DoS
Information Disclosure
Related identifiers
Affected products
Red Hat
Ipsec-Tools