IPsec-Tools 0-Day Denial of Service
Jason Unovitch
jason.unovitch at gmail.com
Sun Jun 7 13:18:58 UTC 2015
On Sat, Jun 6, 2015 at 3:48 PM, Daniel DP. Plominski
<Daniel at plominski.eu> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> https://www.altsci.com/ipsec/ipsec-tools-sa.html
>
> security/ipsec-tools build with gssapi: CRASHED
>
> (FreeBSD 10.1 + ipsec-tools 0.8.2_1)
>
> best regards
> Daniel
> -----BEGIN PGP SIGNATURE-----
See https://bugs.freebsd.org/200334.
The issue was documented as being fixed here
https://svnweb.freebsd.org/ports?view=revision&revision=386793 and
documented in VuXML here
http://www.vuxml.org/freebsd/35431f79-fe3e-11e4-ba63-000c292ee6b8.html.
It seems highly unlikely someone was waiting for you to install
ipsec-tools and start sending packets to cause a DoS. Are you sure
this isn't just a run time issue? Perhaps with the off by default
GSSAPI option? The correct avenue to report that would be via
https://bugs.freebsd.org/bugzilla/ vice the mailing list.
Jason
More information about the freebsd-net
mailing list