Mandrake Security Advisory MDVSA-2009:112 (ipsec-tools)

The remote host is missing an update to ipsec-tools announced via advisory MDVSA-2009:112.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
racoon/isakmp_frag.c in ipsec-tools before 0.7.2 allows remote attackers to cause a denial of service (crash) via crafted fragmented packets without a payload, which triggers a NULL pointer dereference (CVE-2009-1574). Updated packages are available that brings ipsec-tools to version 0.7.2 for Mandriva Linux 2008.1/2009.0/2009.1 which provides numerous bugfixes over the previous 0.7.1 version, and also corrects this issue. ipsec-tools for Mandriva Linux Corporate Server 4 has been patched to address this issue. Additionally the flex package required for building ipsec-tools has been fixed due to ipsec-tools build problems and is also available with this update. Affected: 2008.1, 2009.0, 2009.1, Corporate 4.0