Debian Security Advisory

DLA-234-1 ipsec-tools -- LTS security update

Date Reported:
30 May 2015
Affected Packages:
Security database references:
In the Debian bugtracking system: Bug 785778.
In Mitre's CVE dictionary: CVE-2015-4047.
More information:

Javantea discovered a NULL pointer dereference flaw in racoon, the Internet Key Exchange daemon of ipsec-tools. A remote attacker can use this flaw to cause the IKE daemon to crash via specially crafted UDP packets, resulting in a denial of service.