Note: This is an archival copy of Security Sun Alert 228536 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1017433.1. |
Category Security Release Phase Resolved Solaris 9 Operating System Solaris 10 Operating System Bug Id 6348585 Date of Resolved Release 08-MAY-2006 Impact It may be possible for a remote privileged user to cause the in.iked(1M) daemon to crash or cause in.iked to send invalid data to a peer system, potentially causing that system's in.iked daemon to crash, when an IKE exchange with a malformed payload is attempted. If in.iked crashes, then IKE can not be used to exchange keying information for IPsec, thus causing a Denial of Service (DoS) to IPsec protected network traffic. This issue is revealed by the test suite described in NISCC vulnerability #273756, which is available at http://www.uniras.gov.uk/niscc/docs/br-20051114-01013.html?lang=en Contributing Factors This issue can occur in the following releases: SPARC Platform
x86 Platform
Notes:
The in.iked(1M) daemon is configured to run on a system if the file '/etc/inet/ike/config' is present. For example, the following command can be run to determine if IKE services are configured on the system: $ file /etc/inet/ike/config /etc/inet/ike/config: cannot open: No such file or directory Symptoms If this issue has been exploited, the IKE daemon may no longer be running on the system. To determine if the IKE (in.iked(1M)) daemon is not running on a system which has IKE configured, the following command can be run: $ test ! -f /etc/inet/ike/config || pgrep in.iked || \ echo "in.iked not running but should be" Note: The IKE protocol is an exchange of network packets between two or more peers. One or more of the peer systems may be running an operating system other than Solaris. In order to determine if the IKE daemon is configured and running correctly on a non-Solaris system consult the operating system vendor or operating system manuals for the system. Workaround To manually restart in.iked(1M), the following command can be run (as 'root'): # /usr/lib/inet/in.iked Resolution This issue is addressed in the following releases: SPARC Platform
x86 Platform
References113451-11114435-10 118372-07 118371-07 Attachments This solution has no attachment |
|