IPSec-Tools IKE Message Handling Denial of Service Vulnerability

info
discussion
exploit
solution
references

IPSec-Tools IKE Message Handling Denial of Service Vulnerability

IPsec-Tools is prone to a denial-of-service vulnerability. This issue is due to a failure in the application to handle exceptional conditions when in 'AGGRESSIVE' mode.

An attacker can exploit this issue to crash the application, thus denying service to legitimate users.

These vulnerabilities were discovered by, and may be reproduced by, the University of Oulu Secure Programming Group PROTOS IPSec Test Suite.