CVE
- Id
- 33769
- CVE No.
- CVE-2008-3652
- Status
- Candidate
- Description
- src/racoon/handler.c in racoon in ipsec-tools does not remove an "orphaned ph1" (phase 1) handle when it has been initiated remotely, which allows remote attackers to cause a denial of service (resource consumption).
- Phase
- Assigned (20080812)
- Votes
- None (candidate not yet proposed)
- Comments
Related CVE References
| Id | CVE Id | CVE No. | Reference | Actions |
|---|---|---|---|---|
| 368008 | 33769 | CVE-2008-3652 | MLIST:[ipsec-tools-devel] 20080811 [PATCH] Track and delete orphaned ph1s | View |
| 368009 | 33769 | CVE-2008-3652 | URL:http://sourceforge.net/mailarchive/forum.php?thread_name=48a0c7a0.qPeWZAE0PY8bDDq%2B%25olel%40ans.pl&forum_name=ipsec-tools-devel | View |
| 368010 | 33769 | CVE-2008-3652 | CONFIRM:http://support.apple.com/kb/HT3549 | View |
| 368011 | 33769 | CVE-2008-3652 | CONFIRM:http://support.apple.com/kb/HT3639 | View |
| 368012 | 33769 | CVE-2008-3652 | APPLE:APPLE-SA-2009-05-12 | View |
| 368013 | 33769 | CVE-2008-3652 | URL:http://lists.apple.com/archives/security-announce/2009/May/msg00002.html | View |
| 368014 | 33769 | CVE-2008-3652 | APPLE:APPLE-SA-2009-06-17-1 | View |
| 368015 | 33769 | CVE-2008-3652 | URL:http://lists.apple.com/archives/security-announce/2009/Jun/msg00005.html | View |
| 368016 | 33769 | CVE-2008-3652 | GENTOO:GLSA-200812-03 | View |
| 368017 | 33769 | CVE-2008-3652 | URL:http://security.gentoo.org/glsa/glsa-200812-03.xml | View |
| 368018 | 33769 | CVE-2008-3652 | MANDRIVA:MDVSA-2008:181 | View |
| 368019 | 33769 | CVE-2008-3652 | URL:http://www.mandriva.com/security/advisories?name=MDVSA-2008:181 | View |
| 368020 | 33769 | CVE-2008-3652 | REDHAT:RHSA-2008:0849 | View |
| 368021 | 33769 | CVE-2008-3652 | URL:http://www.redhat.com/support/errata/RHSA-2008-0849.html | View |
| 368022 | 33769 | CVE-2008-3652 | SUSE:SUSE-SR:2008:025 | View |
| 368023 | 33769 | CVE-2008-3652 | URL:http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html | View |
| 368024 | 33769 | CVE-2008-3652 | SUSE:SUSE-SR:2009:004 | View |
| 368025 | 33769 | CVE-2008-3652 | URL:http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html | View |
| 368026 | 33769 | CVE-2008-3652 | UBUNTU:USN-641-1 | View |
| 368027 | 33769 | CVE-2008-3652 | URL:http://www.ubuntu.com/usn/usn-641-1 | View |
| 368028 | 33769 | CVE-2008-3652 | CERT:TA09-133A | View |
| 368029 | 33769 | CVE-2008-3652 | URL:http://www.us-cert.gov/cas/techalerts/TA09-133A.html | View |
| 368030 | 33769 | CVE-2008-3652 | BID:30657 | View |
| 368031 | 33769 | CVE-2008-3652 | URL:http://www.securityfocus.com/bid/30657 | View |
| 368032 | 33769 | CVE-2008-3652 | OVAL:oval:org.mitre.oval:def:10448 | View |
| 368033 | 33769 | CVE-2008-3652 | URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10448 | View |
| 368034 | 33769 | CVE-2008-3652 | SECUNIA:35074 | View |
| 368035 | 33769 | CVE-2008-3652 | URL:http://secunia.com/advisories/35074 | View |
| 368036 | 33769 | CVE-2008-3652 | VUPEN:ADV-2008-2844 | View |
| 368037 | 33769 | CVE-2008-3652 | URL:http://www.vupen.com/english/advisories/2008/2844 | View |
| 368038 | 33769 | CVE-2008-3652 | VUPEN:ADV-2008-2378 | View |
| 368039 | 33769 | CVE-2008-3652 | URL:http://www.vupen.com/english/advisories/2008/2378 | View |
| 368040 | 33769 | CVE-2008-3652 | SECTRACK:1020692 | View |
| 368041 | 33769 | CVE-2008-3652 | URL:http://www.securitytracker.com/id?1020692 | View |
| 368042 | 33769 | CVE-2008-3652 | SECUNIA:31478 | View |
| 368043 | 33769 | CVE-2008-3652 | URL:http://secunia.com/advisories/31478 | View |
| 368044 | 33769 | CVE-2008-3652 | SECUNIA:31624 | View |
| 368045 | 33769 | CVE-2008-3652 | URL:http://secunia.com/advisories/31624 | View |
| 368046 | 33769 | CVE-2008-3652 | SECUNIA:32759 | View |
| 368047 | 33769 | CVE-2008-3652 | URL:http://secunia.com/advisories/32759 | View |
| 368048 | 33769 | CVE-2008-3652 | SECUNIA:32971 | View |
| 368049 | 33769 | CVE-2008-3652 | URL:http://secunia.com/advisories/32971 | View |
| 368050 | 33769 | CVE-2008-3652 | VUPEN:ADV-2009-1297 | View |
| 368051 | 33769 | CVE-2008-3652 | URL:http://www.vupen.com/english/advisories/2009/1297 | View |
| 368052 | 33769 | CVE-2008-3652 | VUPEN:ADV-2009-1621 | View |
| 368053 | 33769 | CVE-2008-3652 | URL:http://www.vupen.com/english/advisories/2009/1621 | View |
| 368054 | 33769 | CVE-2008-3652 | XF:ipsectools-orphanedph1-dos(44424) | View |
Related JVN
| Id | JVN No. | Title | Summary | CVE No. | CVE Id | CVSS_v2 | CVSS_v3 | JVN URL | Actions |
|---|---|---|---|---|---|---|---|---|---|
| 46570 | JVNDB-2008-001880 | Ruby の WEBrick::HTTP::DefaultFileHandler におけるサービス運用妨害 (DoS) の脆弱性 | Ruby の WEBrick に実装されている WEBrick::HTTP::DefaultFileHandler には、バックトラック型正規表現の処理に不備があることによりサービス運用妨害 (DoS) 状態となる脆弱性が存在します。 | CVE-2008-3656 | 33769 | 7.8 | http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001880.html | View |
