FreeBSD : ipsec-tools -- remotely exploitable computational-complexity attack (974a6d32-3fda-11e8-aea4-001b216d295b)

high Nessus Plugin ID 109054

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Robert Foggia via NetBSD GNATS reports :

The ipsec-tools racoon daemon contains a remotely exploitable computational complexity attack when parsing and storing isakmp fragments. The implementation permits a remote attacker to exhaust computational resources on the remote endpoint by repeatedly sending isakmp fragment packets in a particular order such that the worst-case computational complexity is realized in the algorithm utilized to determine if reassembly of the fragments can take place.

Solution

Update the affected package.

See Also

https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=51682

http://www.nessus.org/u?18e95cd2

Plugin Details

Severity: High

ID: 109054

File Name: freebsd_pkg_974a6d323fda11e8aea4001b216d295b.nasl

Version: 1.3

Type: local

Published: 4/16/2018

Updated: 11/4/2024

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2016-10396

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:ipsec-tools, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Patch Publication Date: 4/14/2018

Vulnerability Publication Date: 12/2/2016

Reference Information

CVE: CVE-2016-10396