OpenBSD Vulnerability

leeach · 03-25-2004, 02:49 PM

Denial of Service.

Quite the rare event.

Affected Versions:

OpenBSD 3.4 and earlier
OpenBSD-current as of March 17, 2004

From the advisory:

"An ISAKMP packet with a malformed payload having a self-reported payload length of zero will cause isakmpd to enter an infinite loop, parsing the same payload over and over again."

They have a patch here: http://www.openbsd.org/errata.html

The company that posted this found it with a tool they call "striker". However, it is only available to "qualified IPSEC vendors."

source: http://www.rapid7.com/advisories/R7-0018.html

Good luck.

chort · 03-25-2004, 04:34 PM

By the way, this only affects you if you're running isakmpd, which the vast majority of users are not doing. Even if you aren't using isakmpd, it's highly recommended that you install all vendor-supplied security patches at the earliest convenience.

leeach · 03-25-2004, 05:30 PM

Actually, there may be a large base of OBSD users that do use ISAKMPD...
I for one use it to VPN into the office from my high speed DHCP cable connection at home.

Your'e right chort, even if you Don't use it you should all patch it up.

biniar · 04-05-2004, 10:49 PM

Either way, it's better to stay up to date at least if your running a secure server environment.

chort · 04-21-2004, 02:01 AM

OK, this one is pretty old now.

Remember, you can keep track of OpenBSD security alerts either through the mailing list (security-announce@OpenBSD.org) that you can sign up for:
http://www.openbsd.org/mail.html (scroll to near the bottom of the page)
and in any of the on-line archives, such as:
http://marc.theaimsgroup.com/?l=open...nounce&r=1&w=2

Or at the errata web page:
http://www.openbsd.org/errata.html