Sebastian Krahmer, from the Suse team, reported to us a potential Denial
of Service in ipsec-tools' racoon (and, in fact, in all versions of
racoon, including KAME's one): a malicious ISAKMP message may be used
to crash racoon, even without appropriate PSK/certificate/etc...
We still don't know exactly how dangerous this bug is (it looks like
it may not be really usable with at least some libc versions, or, at
least, the actual version of Sebastian's proof of concept doesn't
crash the racoon versions we tested), but there *IS* a bug.
We are currently working on a fix with the Suse team and the KAME team,
and would like to coordinate the fix release, as reading it will be enough
to understand how to create the evil message...
So for now, vendors, distributors, etc... should contact us
(ipsec-tools-core@..., or contact me directly, as it
looks like I'll supervise the patch release) to be informed ASAP.
Yvan, for the ipsec-tools team.