Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-355: Vulnerability in IPsec Policy Processing

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-355: Vulnerability in IPsec Policy Processing
# 1  
Old 08-14-2008
S-355: Vulnerability in IPsec Policy Processing
An information disclosure vulnerability exists in the manner in which IPsec policies are imported to Windows Server 2008 domains from Windows Server 2003 domains. This vulnerability could cause systems to ignore IPsec policies and transmit network traffic in clear text. This, in turn, would potentially disclose information intended to be encrypted on the network. The risk is LOW. An attacker intercepting the traffic on the network would be able to view and possibly modify the contents of the traffic.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

7 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Move a TXT file greater or equal 355 MB with its corresponding .LST file

Good morning, i need your help please I need to move a .TXT file greater or igual 355 MB and its correspondent .LST file in a non recursive way The operating system is: uname -a SunOS server01c 5.10 Generic_144488-01 sun4u sparc SUNW,SPARC-Enterprise For example: rw-r--r-- 1 xptol ... (8 Replies)
Discussion started by: alexcol
8 Replies

2. Solaris

What's wrong with my ipsec configuration?

I want a lan encrypted with ipsec. This is my /etc/inet/ike/config p1_xform { auth_method preshared oakley_group 5 auth_alg sha256 encr_alg aes } p2_pfs 2 this is my /etc/inet/secret/ike.preshared # ike.preshared on hostA, 192.168.0.21 #... { localidtype IP localid... (1 Reply)
Discussion started by: Linusolaradm1
1 Replies

3. Programming

awk processing / Shell Script Processing to remove columns text file

Hello, I extracted a list of files in a directory with the command ls . However this is not my computer, so the ls functionality has been revamped so that it gives the filesizes in front like this : This is the output of ls command : I stored the output in a file filelist 1.1M... (5 Replies)
Discussion started by: ajayram
5 Replies

4. Cybersecurity

IPSEC

hello, after configuration ipsec in ip4 I can not ping between client and server whereas I had success ping before configuration! I also generate different key for AH and ESP as i have shown below. what is my problem and what should i do to have ping and test the configuration? code: ... (0 Replies)
Discussion started by: elinaz
0 Replies

5. UNIX for Advanced & Expert Users

Ipsec implementation

How can i implement Ipsec between two machines in linux_ ubuntu? any link?? suggestion?? (0 Replies)
Discussion started by: elinaz
0 Replies

6. BSD

Problem on IPSec

Hi, this is my first post...:p Hello Admin :) Can I have an ask for something with my configuration ? I have finished some kind of the tutorial to build ipsec site to site, and the "step" has finished completely. I have a simulation with a local design topology with two PC's (FreeBSD ... (0 Replies)
Discussion started by: aulia
0 Replies

7. Red Hat

ipsec policy not working

Hi, I am trying to set a policy between 2 machines for all the ports except for 22 i.e. for tcp - basically I want to bypass ssh. But my policy doesn't seem to work. Here are the entries spdadd 1.2.3.4 4.3.2.1 any -P out prio 100 ipsec esp/transport//require ah/transport//require; spdadd... (0 Replies)
Discussion started by: ahamed101
0 Replies
Login or Register to Ask a Question

LEARN ABOUT CENTOS

ipsec

IPSEC(8)							Executable programs							  IPSEC(8)

NAME

       ipsec - invoke IPsec utilities

SYNOPSIS

       ipsec command [argument...] ipsec --help
	     ipsec --version
	     ipsec --versioncode
	     ipsec --copyright
	     ipsec --directory
	     ipsec --confdir

DESCRIPTION

       Ipsec invokes any of several utilities involved in controlling the IPsec encryption/authentication system, running the specified command
       with the specified arguments as if it had been invoked directly. This largely eliminates possible name collisions with other software, and
       also permits some centralized services.

       ipsec --help lists the available commands. Most have their own manual pages, e.g.  ipsec_auto(8) for auto.

       ipsec --version outputs version information about Linux FreeS/WAN. A version code of the form ``Uxxx/Kyyy'' indicates that the user-level
       utilities are version xxx but the kernel portion appears to be version yyy (this form is used only if the two disagree).

       ipsec --versioncode outputs just the version code, with none of --version's supporting information, for use by scripts.

       ipsec --copyright supplies boring copyright details.

       ipsec --directory reports where ipsec thinks the IPsec utilities are stored.

       ipsec --confdir reports where ipsec thinks the IPsec configuration files are stored.

FILES

       /usr/local/lib/ipsec usual utilities directory

SEE ALSO

       ipsec.conf(5), ipsec.secrets(5), ipsec_auto(8), ipsec_barf(8), ipsec_setup(8), ipsec_showhostkey(8)

       HTML documentation shipped with the release, starting with doc/index.html.  <http://www.freeswan.org/doc.html> may also be of use.

HISTORY

       Written for Linux FreeS/WAN <http://www.freeswan.org> by Henry Spencer.

BUGS

       The provision of centralized services, while convenient, does compromise the original concept of making the utilities invocable directly as
       well as via ipsec.

AUTHOR

       Paul Wouters
	   placeholder to suppress warning

libreswan							    12/29/2012								  IPSEC(8)