Severity : Medium Published : 2009-05-14 Modified : 2010-08-21 Base Score : 5.0 Details : Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service (memory consumption) via vectors involving (1) signature verification during user authentication with X.509 certificates, related to the eay_check_x509sign function in src/racoon/crypto_openssl.c; and (2) the NAT-Traversal (aka NAT-T) keepalive implementation, related to src/racoon/nattraversal.c. Product/Version : Pro 4.x   CGE 4.x   Mobilinux 4.x   Pro 5.0   Mobilinux 5.0.24   MVL 5 Atom   CGE 5.x   Mobilinux 5.x   Pro 5.0.24   MVL 5 OMAP3   MVL 5 OMAP3530

CVE-2009-5064 CVE-2009-4895 CVE-2009-4881 CVE-2009-4880 CVE-2009-4537 CVE-2009-4410 CVE-2009-4377 CVE-2009-4355 CVE-2009-4308 CVE-2009-4307 CVE-2009-4272 CVE-2009-4141 CVE-2009-4135 CVE-2009-4134 CVE-2009-4131 CVE-2009-4029 CVE-2009-4022 CVE-2009-4021 CVE-2009-4017 CVE-2009-4005 CVE-2009-3889 CVE-2009-3767 CVE-2009-3736 CVE-2009-3726 CVE-2009-3720 CVE-2009-3639 CVE-2009-3621 CVE-2009-3620 CVE-2009-3612 CVE-2009-3563 CVE-2009-3560 CVE-2009-3559 CVE-2009-3558 CVE-2009-3557 CVE-2009-3555 CVE-2009-3550 CVE-2009-3547 CVE-2009-3490 CVE-2009-3245 CVE-2009-3238 CVE-2009-3230 CVE-2009-3228 CVE-2009-3095 CVE-2009-3094 CVE-2009-3080 CVE-2009-3002 CVE-2009-3001 CVE-2009-2910 CVE-2009-2909 CVE-2009-2908 CVE-2009-2903 CVE-2009-2849 CVE-2009-2848 CVE-2009-2847 CVE-2009-2730 CVE-2009-2563 CVE-2009-2562 CVE-2009-2560 CVE-2009-2417 CVE-2009-2412 CVE-2009-2409 CVE-2009-2042 CVE-2009-1895 CVE-2009-1891 CVE-2009-1890 CVE-2009-1632 CVE-2009-1630 CVE-2009-1574 CVE-2009-1417 CVE-2009-1389 CVE-2009-1387 CVE-2009-1386 CVE-2009-1377 CVE-2009-1337 CVE-2009-1297 CVE-2009-1269 CVE-2009-1268 CVE-2009-1267 CVE-2009-1265 CVE-2009-1252 CVE-2009-1210 CVE-2009-1196 CVE-2009-1195 CVE-2009-1194 CVE-2009-1192 CVE-2009-0949 CVE-2009-0887 CVE-2009-0859 CVE-2009-0835 CVE-2009-0834 CVE-2009-0798 CVE-2009-0791 CVE-2009-0778 CVE-2009-0316 CVE-2009-0217 CVE-2009-0163 CVE-2009-0159 CVE-2009-0028 CVE-2009-0021