Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

S-355: Vulnerability in IPsec Policy Processing

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) S-355: Vulnerability in IPsec Policy Processing
# 1  
Old 08-14-2008
S-355: Vulnerability in IPsec Policy Processing
An information disclosure vulnerability exists in the manner in which IPsec policies are imported to Windows Server 2008 domains from Windows Server 2003 domains. This vulnerability could cause systems to ignore IPsec policies and transmit network traffic in clear text. This, in turn, would potentially disclose information intended to be encrypted on the network. The risk is LOW. An attacker intercepting the traffic on the network would be able to view and possibly modify the contents of the traffic.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

7 More Discussions You Might Find Interesting

1. UNIX for Beginners Questions & Answers

Move a TXT file greater or equal 355 MB with its corresponding .LST file

Good morning, i need your help please I need to move a .TXT file greater or igual 355 MB and its correspondent .LST file in a non recursive way The operating system is: uname -a SunOS server01c 5.10 Generic_144488-01 sun4u sparc SUNW,SPARC-Enterprise For example: rw-r--r-- 1 xptol ... (8 Replies)
Discussion started by: alexcol
8 Replies

2. Solaris

What's wrong with my ipsec configuration?

I want a lan encrypted with ipsec. This is my /etc/inet/ike/config p1_xform { auth_method preshared oakley_group 5 auth_alg sha256 encr_alg aes } p2_pfs 2 this is my /etc/inet/secret/ike.preshared # ike.preshared on hostA, 192.168.0.21 #... { localidtype IP localid... (1 Reply)
Discussion started by: Linusolaradm1
1 Replies

3. Programming

awk processing / Shell Script Processing to remove columns text file

Hello, I extracted a list of files in a directory with the command ls . However this is not my computer, so the ls functionality has been revamped so that it gives the filesizes in front like this : This is the output of ls command : I stored the output in a file filelist 1.1M... (5 Replies)
Discussion started by: ajayram
5 Replies

4. Cybersecurity

IPSEC

hello, after configuration ipsec in ip4 I can not ping between client and server whereas I had success ping before configuration! I also generate different key for AH and ESP as i have shown below. what is my problem and what should i do to have ping and test the configuration? code: ... (0 Replies)
Discussion started by: elinaz
0 Replies

5. UNIX for Advanced & Expert Users

Ipsec implementation

How can i implement Ipsec between two machines in linux_ ubuntu? any link?? suggestion?? (0 Replies)
Discussion started by: elinaz
0 Replies

6. BSD

Problem on IPSec

Hi, this is my first post...:p Hello Admin :) Can I have an ask for something with my configuration ? I have finished some kind of the tutorial to build ipsec site to site, and the "step" has finished completely. I have a simulation with a local design topology with two PC's (FreeBSD ... (0 Replies)
Discussion started by: aulia
0 Replies

7. Red Hat

ipsec policy not working

Hi, I am trying to set a policy between 2 machines for all the ports except for 22 i.e. for tcp - basically I want to bypass ssh. But my policy doesn't seem to work. Here are the entries spdadd 1.2.3.4 4.3.2.1 any -P out prio 100 ipsec esp/transport//require ah/transport//require; spdadd... (0 Replies)
Discussion started by: ahamed101
0 Replies
Login or Register to Ask a Question

LEARN ABOUT NETBSD

ipsec_strerror

IPSEC_STRERROR(3)					   BSD Library Functions Manual 					 IPSEC_STRERROR(3)

NAME

     ipsec_strerror -- error messages for the IPsec policy manipulation library

LIBRARY

     IPsec Policy Control Library (libipsec, -lipsec)

SYNOPSIS

     #include <netipsec/ipsec.h>

     const char *
     ipsec_strerror(void);

DESCRIPTION

     netinet6/ipsec.h declares

	   extern int ipsec_errcode;

     which is used to pass an error code from the IPsec policy manipulation library to a program.  ipsec_strerror() can be used to obtain the
     error message string for the error code.

     The array pointed to is not to be modified by the calling program.  Since ipsec_strerror() uses strerror(3) as underlying function, calling
     strerror(3) after ipsec_strerror() will make the return value from ipsec_strerror() invalid or overwritten.

RETURN VALUES

     ipsec_strerror() always returns a pointer to a C string.  The C string must not be overwritten by the calling program.

SEE ALSO

     ipsec_set_policy(3)

HISTORY

     ipsec_strerror() first appeared in the WIDE/KAME IPv6 protocol stack kit.

BUGS

     ipsec_strerror() will return its result which may be overwritten by subsequent calls.

     ipsec_errcode is not thread safe.

BSD
								  January 4, 2012							       BSD