Contributed by Dengue on from the patch-p0 dept.
Receiving IKE payloads out of sequence can cause isakmpd(8) to crash.The answer to your next question can be found in the FAQ .
Also available as Patch 027 for OpenBSD 3.0.
(Comments are closed)
OpenBSD Journal
Contributed by Dengue on from the patch-p0 dept.
Receiving IKE payloads out of sequence can cause isakmpd(8) to crash.The answer to your next question can be found in the FAQ .
Also available as Patch 027 for OpenBSD 3.0.
(Comments are closed)
Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]
By captain^k () on
=> `010_isakmpd.patch'
Connecting to ftp.openbsd.org:21... connected!
Logging in as anonymous ... Logged in!
==> SYST ... done. ==> PWD ... done.
==> TYPE I ... done. ==> CWD /pub/OpenBSD/patches/3.1/common ... done.
==> EPRT ...
Invalid EPRT.
==> PORT ... done. ==> RETR 010_isakmpd.patch ...
No such file `010_isakmpd.patch'.
By zenz.hu () zenz.hu@163.com on mailto:zenz.hu@163.com
Comments
By Anonymous Coward () on
7/6/02 7:10 EST
By jose nazario () on http://www.monkey.org/~jose/
i think i found a major chunk of the patch for 3.1 (the patch is still awol, i'm asking around why it is). if you look at the changes for src/sbin/isakmpd/message.c you'll see the message "Receiving IKE payloads out of sequence can cause isakmpd to crash.". the diff (for 3.0) is here:
http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/isakmpd/message.c.diff?r1=1.45.2.1&r2=1.45.2.2
we'll update once the patch is visible ... in the meantime, dig around in the source and cvs up if you have to, it appears this hasn't even been tagged for 3.1-stable or HEAD.
By Anonymous Coward () on
Comments
By Anonymous Coward () on
b) isakmpd doesn't run by default
c) there is no mention of exploitability (but that doesn't mean its just a realibility fix)
Comments
By Anonymous Coward () on
By Anonymous Coward () on
By Rinsoblue () on
Rin