KAME Racoon Malformed ISAKMP Packet Denial of Service Vulnerability

KAME Racoon Malformed ISAKMP Packet Denial of Service Vulnerability

Solution:
The vendor has supplied a patch to address this issue:

http://www.securityfocus.com/data/vulnerabilities/patches/racoon_patch

SGI has released an advisory (20040506-01-U) with Patch 10075 for SGI
ProPack 3 to address this and other issues. Please see the referenced
advisory for more information.

Gentoo has released an advisory GLSA 200404-17 to address this issue. Please see the referenced advisory for more information. Gentoo has advised that users may carry out the following commands to apply fixes:

ipsec-tools users should upgrade to version 0.2.5 or later:

emerge sync
emerge -pv ">=net-firewall/ipsec-tools-0.3.1"
emerge ">=net-firewall/ipsec-tools-0.3.1"

iputils users should upgrade to version 021109-r3 or later:

emerge sync
emerge -pv ">=net-misc/iputils-021109-r3"
emerge ">=net-misc/iputils-021109-r3"

Apple has released security advisory APPLE-SA-2004-05-03 dealing with this and other issues. Please see the referenced advisory for more information.

Red Hat has released advisory RHSA-2004:165-09 dealing with this and other issues for their enterprise linux distribution. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisory for additional information.

RedHat has released an advisory FEDORA-2004-132 to address this issue in Fedora Core 2. Please see the referenced advisory for more information.

Mandrake Linux has released advisory MDKSA-2004:069 along with fixes dealing with this issue. Please see the referenced advisory for more information.

SCO has released advisory SCOSA-2005.10 to address various issues in Racoon affecting UnixWare 7.1.4. Please see the referenced advisory for more information.

Apple Mac OS X 10.2.8