[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 To:  DLStrout <dstrout at maine dot rr dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] question/Info on racoon
 Date:  Sun, 13 Mar 2005 21:37:18 -0500
On Fri, 11 Mar 2005 15:48:46 -0500, DLStrout <dstrout at maine dot rr dot com> wrote:
> All,
> 
> Are there any known bugs/hacks/vulnerabilities with the 20040818a
> version of racoon that is in the 1.2b6 release?
> 
> SYSLOG MESSAGE:
> racoon: INFO: main.c:172:main(): @(#)package version freebsd-20040818a
> 
> My concern is that I have found that there is a vulnerability w/ the
> 20040116a version of racoon as stated here .....
> http://people.freebsd.org/~eik/portaudit/739bb51d-7e82-11d8-9645-0020ed76ef5a.html
> 

Not sure if this is an issue or not (I don't have any systems handy to
check versions and/or try the exploit) but the worst that could be
done is to take down the VPN.  It just lets remote users arbitrarily
delete SAD entries.  Not sure how it would "cause sensitive traffic to
be transmitted in plaintext", but on m0n0wall that shouldn't be the
case.  If the SAD entries for a connection get deleted, the connection
will go down (at least briefly while it's re-negotiated).

I wasn't around when this was announced, it'd be a good idea to check
the list archives from around that time.  I'd say it's no big deal. 
If somebody started deleting your SA's repeatedly it sure would be
annoying, but it's not going to get them anything unless they enjoy
pissing you off.  ;)

-Chris