From: Richard Guy Briggs (rgb_at_conscoop.ottawa.on.ca)
Date: Thu Oct 24 2002 - 09:15:20 CEST
On Wed, Oct 23, 2002 at 06:04:20PM +0200, Sebastian Krahmer wrote:
> Hi,
>
> Regarding http://www.kb.cert.org/vuls/id/459371
That bug was fixed in August. It is in 1.99 and the 2.00pre series.
>
> Do you have any info about the file:line? Do you need
> more eyes to look at the code? I found
>
> }
> goto rcvleave;
> }//AUD:
> ilen = len - iphlen - authlen;
>
> in ipsec_rcv.c which looks like what Razor is describing.
> simple ilen < 0 check should do the trick. However I think
> it would be good if 2 or 3 geeks take freeswan code
> and do a complete audit. Thoughts? ;-)
>
> regards,
> Sebastian
>
> --
> ~
> ~ perl self.pl
> ~ $_='print"\$_=\47$_\47;eval"';eval
> ~ krahmer_at_suse.de - SuSE Security Team
> ~
>
>
> _______________________________________________
> Bugs mailing list
> Bugs_at_lists.freeswan.org
> http://lists.freeswan.org/mailman/listinfo/bugs
slainte mhath, RGB
-- Richard Guy Briggs -- ~\ Auto-Free Ottawa! Canada <www.TriColour.net> -- \@ @ <www.flora.org/afo/> No Internet Wiretapping! -- _\\/\%___\\/\% Vote! -- <Green.ca> <www.FreeSWAN.org>_______GTVS6#790__(*)_______(*)(*)_______<www.Marillion.com> _______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Sat Nov 16 2002 - 05:20:41 CET