SuSE Inc. Information for VU#287771

Multiple vendors' Internet Key Exchange (IKE) implementations do not properly handle IKE response packets

Status

Not Affected

Vendor Statement

We reviewed critical parts of pluto (the daemon handling IKE) such as the code responsible for assembling and parsing IKE packets. We found no overflows or other bugs which could have security impacts.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.