Advisories ยป MGASA-2015-0243

Updated ipsec-tools packages fix CVE-2015-4047

Publication date: 08 Jun 2015
Modification date: 08 Jun 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2015-4047

Description

Updated ipsec-tools packages fix security vulnerability:

Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key
Exchange daemon of ipsec-tools. A remote attacker can use this flaw to cause
the IKE daemon to crash via specially crafted UDP packets, resulting in a
denial of service (CVE-2015-4047).
                

References

SRPMS

4/core