LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices



Reply
 
Search this Thread
Old 03-25-2004, 03:49 PM   #1
leeach
Member
 
Registered: Sep 2003
Location: /dev/null
Distribution: FreeBSD 5.4, OpenBSD 3.7
Posts: 95

Rep: Reputation: 15
OpenBSD Vulnerability


Denial of Service.

Quite the rare event.

Affected Versions:

OpenBSD 3.4 and earlier
OpenBSD-current as of March 17, 2004

From the advisory:

"An ISAKMP packet with a malformed payload having a self-reported payload length of zero will cause isakmpd to enter an infinite loop, parsing the same payload over and over again."

They have a patch here: http://www.openbsd.org/errata.html

The company that posted this found it with a tool they call "striker". However, it is only available to "qualified IPSEC vendors."

source: http://www.rapid7.com/advisories/R7-0018.html

Good luck.

Last edited by leeach; 03-25-2004 at 06:06 PM.
 
Old 03-25-2004, 05:34 PM   #2
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
By the way, this only affects you if you're running isakmpd, which the vast majority of users are not doing. Even if you aren't using isakmpd, it's highly recommended that you install all vendor-supplied security patches at the earliest convenience.
 
Old 03-25-2004, 06:30 PM   #3
leeach
Member
 
Registered: Sep 2003
Location: /dev/null
Distribution: FreeBSD 5.4, OpenBSD 3.7
Posts: 95

Original Poster
Rep: Reputation: 15
Actually, there may be a large base of OBSD users that do use ISAKMPD...
I for one use it to VPN into the office from my high speed DHCP cable connection at home.

Your'e right chort, even if you Don't use it you should all patch it up.

Last edited by leeach; 03-25-2004 at 11:06 PM.
 
Old 04-05-2004, 11:49 PM   #4
biniar
Member
 
Registered: Jan 2004
Location: Michigan
Distribution: FreeBSD
Posts: 49

Rep: Reputation: 15
Either way, it's better to stay up to date at least if your running a secure server environment.
 
Old 04-21-2004, 03:01 AM   #5
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 69
OK, this one is pretty old now.

Remember, you can keep track of OpenBSD security alerts either through the mailing list (security-announce@OpenBSD.org) that you can sign up for:
http://www.openbsd.org/mail.html (scroll to near the bottom of the page)
and in any of the on-line archives, such as:
http://marc.theaimsgroup.com/?l=open...nounce&r=1&w=2

Or at the errata web page:
http://www.openbsd.org/errata.html
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
2.6 DoS Vulnerability! /bin/bash Linux - Security 12 06-03-2005 07:45 PM
OpenBSD - Where can i get OpenBSD 3.7 ISO CD -- Please help me b:z Linux - Software 5 04-08-2005 08:09 AM
OpenBSD - Where can i get OpenBSD 3.7 ISO CD -- Please help me b:z Linux - Software 1 04-07-2005 09:46 AM
OpenBSD IP6 Vulnerability leeach *BSD 10 03-18-2004 07:33 PM
new sendmail vulnerability infamous41md Linux - Security 5 11-30-2003 07:38 PM


All times are GMT -5. The time now is 06:37 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration