Package: isakmpd Severity: grave Tags: security patch Justification: user security hole
A vulnerability has been found in isakmpd: isakmpd in OpenBSD 3.8, 3.9, and possibly earlier versions, creates Security Associations (SA) with a replay window of size 0 when isakmpd acts as a responder during SA negotiation, which allows remote attackers to replay IPSec packets and bypass the replay protection. A patch is available at http://www.openbsd.org/errata.html#isakmpd -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
