(Apple Issues Fix for Mac OS X) Racoon Can Be Crashed By Remote Users Sending Large ISAKMP Length Values
|
|
SecurityTracker Alert ID: 1010044 |
|
SecurityTracker URL: http://securitytracker.com/id/1010044
|
|
CVE Reference:
CAN-2004-0403
(Links to External Site)
|
Date: May 4 2004
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): prior to 20040408a
|
Description:
A denial of service vulnerability was reported in Racoon. A remote user can cause Racoon to crash.
It is reported that a remote user can send a specially crafted ISAKMP header with a very large value in the length field to cause Racoon to attempt to allocate more memory than is available. As a result, the Racoon process may be terminated, the report said.
|
Impact:
A remote user can cause the Racoon daemon to crash.
|
Solution:
Apple has released a fix as part of APPLE-SA-2004-05-03 Security Update 2004-05-03.
For Mac OS X 10.3.3 "Panther"
=============================
http://download.info.apple.com/Mac_OS_X/061-1213.20040503.vngr3/2Z/SecUpd2004-05-03Pan.dmg
The download file is named: "SecUpd2004-05-03Pan.dmg"
Its SHA-1 digest is: 6f35539668d80ee536305a4146bd982a93706532
For Mac OS X Server 10.3.3
==========================
http://download.info.apple.com/Mac_OS_X/061-1215.20040503.mPp9k/2Z/SecUpdSrvr2004-05-03Pan.dmg
The download file is named: "SecUpdSrvr2004-05-03Pan.dmg"
Its SHA-1 digest is: 3c7da910601fd36d4cdfb276af4783ae311ac5d7
For Mac OS X 10.2.8 "Jaguar"
=============================
http://download.info.apple.com/Mac_OS_X/061-1217.20040503.BmkY5/2Z/SecUpd2004-05-03Jag.dmg
The download file is named: "SecUpd2004-05-03Jag.dmg"
Its SHA-1 digest is: 11d5f365e0db58b369d85aa909ac6209e2f49945
For Mac OS X Server 10.2.8
==========================
http://download.info.apple.com/Mac_OS_X/061-1219.20040503.Zsw3S/2Z/SecUpdSrvr2004-05-03Jag.dmg
The download file is named: "SecUpdSrvr2004-05-03Jag.dmg"
Its SHA-1 digest is: 28859a4c88f6e1d1fe253388b233a5732b6e42fb
|
Vendor URL: www.kame.net/racoon/ (Links to External Site)
|
Cause:
Input validation error, Resource error
|
Underlying OS:
UNIX (OS X)
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Mon, 03 May 2004 14:27:44 -0700
Subject: APPLE-SA-2004-05-03 Security Update 2004-05-03
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
APPLE-SA-2004-05-03 Security Update 2004-05-03
Security Update 2004-05-03 is now available and contains security
enhancements for the following:
CoreFoundation: Fixes CAN-2004-0428 to improve the handling of an
environment variable. Credit to aaron@vtty.com for reporting this
issue.
Apache 2: Fixes CAN-2003-0020, CAN-2004-0113 and CAN-2004-0174 by
updating to Apache 2 to version 2.0.49.
RAdmin: Fixes CAN-2004-0429 to improve the handling of large requests
AppleFileServer: Fixes CAN-2004-0430 to improve the handling of long
passwords. Credit to Dave G. from @stake for reporting this issue.
IPSec: Fixes CAN-2004-0155 and CAN-2004-0403 to improve the security
of VPN tunnels. IPSec in Mac OS X is not vulnerable to
CAN-2004-0392.
Notes:
- Security Update 2004-05-03 is available for both Mac OS X 10.3.3
and Mac OS X 10.2.8
- Security Update 2004-04-05 has been incorporated into this update
================================================
Security Update 2004-05-03 may be obtained from:
* Software Update pane in System Preferences
* Apple's Software Downloads web site:
For Mac OS X 10.3.3 "Panther"
=============================
http://download.info.apple.com/Mac_OS_X/061-1213.20040503.vngr3/2Z
/SecUpd2004-05-03Pan.dmg
The download file is named: "SecUpd2004-05-03Pan.dmg"
Its SHA-1 digest is: 6f35539668d80ee536305a4146bd982a93706532
For Mac OS X Server 10.3.3
==========================
http://download.info.apple.com/Mac_OS_X/061-1215.20040503.mPp9k/2Z
/SecUpdSrvr2004-05-03Pan.dmg
The download file is named: "SecUpdSrvr2004-05-03Pan.dmg"
Its SHA-1 digest is: 3c7da910601fd36d4cdfb276af4783ae311ac5d7
For Mac OS X 10.2.8 "Jaguar"
=============================
http://download.info.apple.com/Mac_OS_X/061-1217.20040503.BmkY5/2Z
/SecUpd2004-05-03Jag.dmg
The download file is named: "SecUpd2004-05-03Jag.dmg"
Its SHA-1 digest is: 11d5f365e0db58b369d85aa909ac6209e2f49945
For Mac OS X Server 10.2.8
==========================
http://download.info.apple.com/Mac_OS_X/061-1219.20040503.Zsw3S/2Z
/SecUpdSrvr2004-05-03Jag.dmg
The download file is named: "SecUpdSrvr2004-05-03Jag.dmg"
Its SHA-1 digest is: 28859a4c88f6e1d1fe253388b233a5732b6e42fb
Information will also be posted to the Apple Product Security web
site:
http://www.apple.com/support/security/security_updates.html
This message is signed with Apple's Product Security PGP key, and
details are available at:
http://www.apple.com/support/security/security_pgp.html
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2
iQEVAwUBQJa38XeI0z6bzFr0AQKEjAf9HAvSxFVwKjmzZ1ZcqmVWhCfkNA9TIby7
Z9WOeAIhSFX1GVyetjQIeODLBYVj8bACK2fDj+deRv60VC6IQOxQNTSI5EwlkI/O
Tnz9q77WwV0IaNugfZHWQglKiH6j5ZhMg9xZUQTEpJChPS6u0NN3J4nhj7diqlbK
4a6N+HLQ4jQvk4hpQoFYRGOVnHzso2SJpKUN5uJ2obTSUw528Gchugr1Uez4/m9G
Pb5BZewX877Qc3t1icnlNxSXSru2TIrqef4+ZuJlek5N8lN0oda2KQ7pvkc0/raO
oJnLTiJoGFxLV5jLw7PBd7bIRpUJXZa/xtyg1lj8XUf0r5SFGRVwww==
=wmAo
-----END PGP SIGNATURE-----
_______________________________________________
security-announce mailing list | security-announce@lists.apple.com
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/security-announce
Do not post admin requests to the list. They will be ignored.
|
|
